14 matches found
ASUSTeK COMPUTER RT-AC87U vulnerable to improper access control
Overview RT-AC87U provided by ASUSTeK COMPUTER INC. contains an improper access control vulnerability CWE-284. Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact An attacker may read or write files that are not intended to be...
CVE-2022-20893
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
CVE-2022-20825
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service DoS condition. Th...
Vulnerability found in Atlassian Confluence Datacenter
A vulnerability has been found in Atlassian Confluence Datacenter. An unauthenticated malicious party could potentially exploit the vulnerability potentially exploit it to execute arbitrary code. Confluence Datacenter systems are only vulnerable when using the cluster functionality. Confluence...
Vulnerabilities found in Veritas Enterprise Vault
Vulnerabilities have been found in Veritas Enterprise Vault. A malicious party could potentially exploit the vulnerabilities to run execute arbitrary code on an Enterprise Vault server. To do this, the malicious party must send malicious network traffic to the vulnerable server. To successfully...
Vulnerabilities found in Corel products
FortiGuard Labs has found vulnerabilities in the following Corel products: Corel CorelDraw Standard Corel PDF Fusion Corel PhotoPaint Corel Presentations Corel WordPerfect A malicious party can exploit these vulnerabilities to execute arbitrary code under application privileges or to gain access ...
Vulnerability discovered in Microsoft Windows
Researchers have discovered a vulnerability in Microsoft Windows 10 build 1809 and later. A local, authenticated malicious person could exploit the vulnerability to read the local SAM database and execute arbitrary code with SYSTEM privileges. -= Microsoft =- Microsoft has not yet made updates...
CVE-2021-32029
A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality...
Vulnerabilities found in Cisco Unified Communications Manager
Vulnerabilities have been found in Cisco Unified Communications Manager. The vulnerabilities allow a malicious party to manipulate data and obtain sensitive information. Cisco has not yet released updates to address the vulnerabilities. fix. More information can be found on the pages below:...
CVE-2021-1192
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper...
CVE-2021-1183
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper...
CVE-2021-1182
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper...
CVE-2021-1168 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper...
Cisco Unified Operations Manager Common Services Device Center Cross-Site Scripting Vulnerability
Cisco Unified Operations Manager contains a cross-site scripting vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of user input supplied to the Common Services Device Center component used b...