8016 matches found
The vulnerability of the user interface of the TwinCAT Package Manager allows a hacker to execute arbitrary commands.
The vulnerability of the TwinCAT Package Manager’s user interface is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows an attacker to execute arbitrary commands...
Huawei HarmonyOS and Huawei EMUI security vulnerability
Huawei EMUI and Huawei HarmonyOS are both products of the Chinese company Huawei. Huawei EMUI is a mobile operating system developed based on Android. Huawei HarmonyOS is a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS and...
Huawei HarmonyOS and EMUI security vulnerability
Huawei EMUI is a mobile operating system developed based on Android. Huawei HarmonyOS is a full-scenario distributed operating system based on a microkernel. A launcherAnyWhere vulnerability exists in the Huawei HarmonyOS and EMUI account module, which can be exploited b...
RHEL 5 : Red Hat Certificate System 8 (RHSA-2017:2560)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:2560 advisory. Red Hat Certificate System is a complete implementation of an enterprise software system designed to manage enterprise public key infrastructure PKI...
CVE-2024-41745
IBM CICS TX Standard is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
IBM CICS TX Standard security vulnerability
IBM CICS TX Standard is a comprehensive single-transaction runtime package from International Business Machines (IBM) that provides a cloud-native deployment model for standalone applications. A cross-site request forgery vulnerability exists in the IBM CICS TX Standard Web UI, which can be exploit...
PT-2024-29551 · Ibm · Ibm Cics Tx Standard
Name of the Vulnerable Software and Affected Versions: IBM CICS TX Standard (affected versions not specified). Description: The issue allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials...
IBM CICS TX Standard cross-site scripting vulnerability
IBM CICS TX Standard is a comprehensive single-transaction runtime package from International Business Machines (IBM), Inc. It can provide a cloud-native deployment model for standalone applications. A cross-site scripting vulnerability exists in IBM CICS TX Standard version 11.1, which stems from...
CVE-2024-8934 Beckhoff: Local command injection via TwinCAT Package Manager
A local user with administrative access rights can enter specially crafted values for settings at the user interface (UI) of the TwinCAT Package Manager which then causes arbitrary OS commands to be executed...
Beckhoff TwinCAT operating system command injection vulnerability
Beckhoff TwinCAT is a software system from Beckhoff, Germany, consisting of a real-time environment and a real-time system for executing control programs in a development environment. The system is mainly used for PLC (Programmable Logic Controller) programming, diagnostics and system configuration...
The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spear-phishing attacks...
CVE-2024-41153
Command injection vulnerability in the Edge Computing UI for the TRO600 series radios that allows for the execution of arbitrary system commands. If exploited, an attacker with write access to the web UI can execute commands on the device with root privileges, far more extensive than what the wri...
KLA74632 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, cause denial of service, perform cross-site scripting attack, gain privileges, execute arbitrary code. Below is a complete list of...
KLA74633 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, cause denial of service, perform cross-site scripting attack, gain privileges, execute arbitrary code. Below is a complete list of...
LoLLMs access control error vulnerability
LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. An access control error vulnerability exists in LoLLMs versions prior to v10 that stems from the presence of a CORS configuration error that can be exploited by an attacker to steal sensitive...
The vulnerability of the logrotate configuration in the Nginx UI server’s user interface allows a hacker to execute arbitrary commands.
The vulnerability of the logrotate configuration in the Nginx UI server’s web interface is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary commands...
[SECURITY] Fedora 39 Update: podman-tui-1.2.3-1.fc39
podman-tui is a terminal user interface for Podman v4 and v5. podman-tui is using podman.socket service to communicate with podman environment and SSH to connect to remote podman machines...
Directory Traversal
github.com/0xJacky/Nginx-UI is vulnerable to Directory Traversal. The vulnerability is due to insufficient verification of values from the JSON field, allowing the construction of values in the form of ../../, which can lead to arbitrary file writing...
The vulnerability of the User Interface component of the Oracle Installed Base system, a component of the Oracle E-Business Suite, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the User Interface component of the Oracle Installed Base information storage center in the Oracle E-Business Suite is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to...
CVE-2024-20273 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient...