8031 matches found
CVE-2021-28671
Xerox Phaser 6510 before 64.65.51 and 64.59.11 Bridge, WorkCentre 6515 before 65.65.51 and 65.59.11 Bridge, VersaLink B400 before 37.65.51 and 37.59.01 Bridge, B405 before 38.65.51 and 38.59.01 Bridge, B600/B610 before 32.65.51 and 32.59.01 Bridge, B605/B615 before 33.65.51 and 33.59.01 Bridge,...
CVE-2021-28671
Xerox Phaser 6510 before 64.65.51 and 64.59.11 Bridge, WorkCentre 6515 before 65.65.51 and 65.59.11 Bridge, VersaLink B400 before 37.65.51 and 37.59.01 Bridge, B405 before 38.65.51 and 38.59.01 Bridge, B600/B610 before 32.65.51 and 32.59.01 Bridge, B605/B615 before 33.65.51 and 33.59.01 Bridge,...
CVE-2021-28673
Xerox Phaser 6510 before 64.61.23 and 64.59.11 Bridge, WorkCentre 6515 before 65.61.23 and 65.59.11 Bridge, VersaLink B400 before 37.61.23 and 37.59.01 Bridge, B405 before 38.61.23 and 38.59.01 Bridge, B600/B610 before 32.61.23 and 32.59.01 Bridge, B605/B615 before 33.61.23 and 33.59.01 Bridge,...
CVE-2021-28673
Xerox Phaser 6510 before 64.61.23 and 64.59.11 Bridge, WorkCentre 6515 before 65.61.23 and 65.59.11 Bridge, VersaLink B400 before 37.61.23 and 37.59.01 Bridge, B405 before 38.61.23 and 38.59.01 Bridge, B600/B610 before 32.61.23 and 32.59.01 Bridge, B605/B615 before 33.61.23 and 33.59.01 Bridge,...
Code injection
Xerox Phaser 6510 before 64.61.23 and 64.59.11 Bridge, WorkCentre 6515 before 65.61.23 and 65.59.11 Bridge, VersaLink B400 before 37.61.23 and 37.59.01 Bridge, B405 before 38.61.23 and 38.59.01 Bridge, B600/B610 before 32.61.23 and 32.59.01 Bridge, B605/B615 before 33.61.23 and 33.59.01 Bridge,...
CVE-2021-28671
Xerox Phaser 6510 before 64.65.51 and 64.59.11 Bridge, WorkCentre 6515 before 65.65.51 and 65.59.11 Bridge, VersaLink B400 before 37.65.51 and 37.59.01 Bridge, B405 before 38.65.51 and 38.59.01 Bridge, B600/B610 before 32.65.51 and 32.59.01 Bridge, B605/B615 before 33.65.51 and 33.59.01 Bridge,...
CVE-2021-28671
CVE-2021-28671 affects Xerox printers and related devices (Phaser 6510, WorkCentre 6515, VersaLink B400/B405, B600/B610, B605/B615, B7025/30/35, C400/C405/C500/C600/C505/C605/C7000/C7020/25/30, C8000/C9000, C8000W) with a remote Command Execution vulnerability in the Web User Interface. The issue...
CVE-2021-28673
Xerox Phaser 6510 before 64.61.23 and 64.59.11 Bridge, WorkCentre 6515 before 65.61.23 and 65.59.11 Bridge, VersaLink B400 before 37.61.23 and 37.59.01 Bridge, B405 before 38.61.23 and 38.59.01 Bridge, B600/B610 before 32.61.23 and 32.59.01 Bridge, B605/B615 before 33.61.23 and 33.59.01 Bridge,...
Aruba Access Points 输入验证错误漏洞
Aruba Instant is a cloud-hosted controller-less wireless access point. Aruba Instant suffers from an arbitrary file modification vulnerability that can be exploited by an attacker via the Web UI to overwrite arbitrary files with content under their control...
Xerox Phaser 6510 安全漏洞
The Xerox Phaser 6510 is a printer from the American company Xerox. It provides printing functionality. A security vulnerability exists in Xerox Phaser that could allow a remote attacker with a "weaponized clone file" to execute arbitrary commands within the web user interface. The following...
CVE-2021-22888
Revive Adserver before v5.2.0 is vulnerable to a reflected XSS vulnerability in the status parameter of campaign-zone-zones.php. An attacker could trick a user with access to the user interface of a Revive Adserver instance into clicking on a specifically crafted URL and execute injected JavaScri...
Cross site scripting
Revive Adserver before v5.2.0 is vulnerable to a reflected XSS vulnerability in the statsBreakdown parameter of stats.php and possibly other scripts due to single quotes not being escaped. An attacker could trick a user with access to the user interface of a Revive Adserver instance into clicking...
Cisco IOS XE Command Injection Vulnerability (CNVD-2021-24467)
Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A command injection vulnerability exists in the web UI of Cisco IOS XE. The vulnerability stems from insufficient input validation. An attacker can exploit this vulnerability by...
CVE-2021-1220
Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to cause the web UI software to become unresponsive and consume vty line instances, resulting in a denial of service DoS condition. These vulnerabilities are due...
Cisco IOS XE Software 路径遍历漏洞
Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A command injection vulnerability exists in the web UI of Cisco IOS XE. The vulnerability stems from insufficient input validation. An attacker can exploit this vulnerability by...
Cisco IOS XE Software 输入验证错误漏洞
Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial of service vulnerability exists in the web UI of Cisco IOS XE. The vulnerability stems from insufficient error handling in the web UI. An attacker can exploit this...
Intel RST User Interface / Driver Privilege Escalation Exploit
Hi @ll, more than 2 years ago I disclosed 2 vulnerabilities leading to local escalation of privilege in the Intel® Rapid Storage Technology Intel® RST User Interface and Driver: see and Intel fixed this vulnerability only in their executable installer. Some time later Intel rewrote or rebuilt thi...
KLA12129 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, spoof user interface, cause denial of service. Below is a complete list of vulnerabilities: 1. A memory safety vulnerability can b...
CVE-2021-22191
There's a flaw in Wireshark. An attacker who sends malicious links with schemes other than http/https over the wire or via a pcapng file, and who is able to get a victim user of Wireshark's user interface to click these links, could perform actions such as mounting volumes, or in some cases...
The vulnerability of the Google Chrome browser’s media component, which allows a hacker to access confidential data
The vulnerability of the Google Chrome browser’s media component is related to security issues with the user interface. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data...