8020 matches found
CVE-2024-1180 TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability
TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605. Authentication is required to exploit this vulnerability. The specific issue...
CVE-2024-1180
CVE-2024-1180 refers to a command-injection vulnerability in TP-Link Omada ER605 where the root cause is improper validation of a user-supplied string in the name field of the access control UI. This flaw can allow network-adjacent attackers to execute arbitrary code with root privileges, and exp...
PT-2024-3819 · Cisco · Cisco Enterprise Chat/Email
Name of the Vulnerable Software and Affected Versions: Cisco Enterprise Chat and Email (ECE), affected versions not specified. Description: A vulnerability in the web UI of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack...
PT-2024-3800 · Cisco · Cisco Emergency Responder
Name of the Vulnerable Software and Affected Versions: Cisco Emergency Responder, affected versions not specified. Description: A vulnerability in the web UI of Cisco Emergency Responder could allow an unauthenticated, remote attacker to conduct a CSRF attack. This is due to insufficient protection...
Cisco Emergency Responder Security Vulnerability
Cisco Emergency Responder is an emergency response framework from Cisco USA. A security vulnerability exists in Cisco Emergency Responder that stems from inadequate protection of the Web UI on affected systems...
The vulnerability of the software for creating and managing graphical user interfaces on Rockwell Automation’s FactoryTalk View Machine Edition systems, related to lack of access control, allows an intruder to trigger a service failure on the operator panel.
The vulnerability of the software for creating and managing graphical user interfaces on Rockwell Automation’s FactoryTalk View Machine Edition industrial devices is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause malfunctions in the...
The vulnerability of the user interface of the Edge Router firmware for devices in the VMware SD-WAN Edge and VMware SD-WAN Orchestrator software platform for managing software-defined networks allows a perpetrator to execute arbitrary commands.
The vulnerability of the Edge Router firmware user interface in VMware SD-WAN Edge and the VMware SD-WAN Orchestrator platform for managing software-defined networks is related to the failure to neutralize special elements used in operating system commands...
Fedora: Security Advisory for podman-tui (FEDORA-2024-529fe8a802)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-22f1e313dd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-831bad8f8f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 38 Update: podman-tui-1.0.0-1.fc38
podman-tui is a terminal user interface for Podman v4. podman-tui is using podman.socket service to communicate with podman environment and SSH to connect to remote podman machines...
LoLLMs Security Vulnerability
LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. A security vulnerability exists in LoLLMs versions prior to 9.1 that stems from allowing everyone to access the CORS configuration...
[SECURITY] Fedora 40 Update: podman-tui-1.0.0-1.fc40
podman-tui is a terminal user interface for Podman v4. podman-tui is using podman.socket service to communicate with podman environment and SSH to connect to remote podman machines...
The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Edge relates to information representation errors in the user interface. Exploiting this vulnerability allows a remote attacker to carry out spear-phishing attacks using a specially created malicious web page...
Important: Red Hat Security Advisory: ACS 4.4 enhancement and security update
Important: Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features and bug fixes. This release includes the following features and updates: New Compliance capabilities...
CVE-2024-28784
IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285893...
CVE-2023-50961
IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 275939...
SUSE CVE-2023-42843
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spoofing...
PT-2024-22573 · IBM · IBM QRadar SIEM
Name of the Vulnerable Software and Affected Versions: IBM QRadar SIEM version 7.5. Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure within a trusted session. This is due to a...