56 matches found
CVE-2022-22524 SQL-injection in Carlo Gavazzi UWP 3.0 allows for full database access
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an unauthenticated remote attacker could utilize a SQL-Injection vulnerability to gain full database access, modify users and stop services...
CVE-2022-22524 SQL-injection in Carlo Gavazzi UWP 3.0 allows for full database access
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an unauthenticated remote attacker could utilize a SQL-Injection vulnerability to gain full database access, modify users and stop services...
CVE-2022-22523 Carlo Gavazzi UWP 3.0 WebApp allows for authentication bypass
An improper authentication vulnerability exists in the Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 Web-App which allows an authentication bypass to the context of an unauthorised user if free-access is disabled...
CVE-2022-22523 Carlo Gavazzi UWP 3.0 WebApp allows for authentication bypass
An improper authentication vulnerability exists in the Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 Web-App which allows an authentication bypass to the context of an unauthorised user if free-access is disabled...
Carlo Gavazzi UWP 输入验证错误漏洞
Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. for applications such as building automation, energy efficiency performance management, and parking lot guidance. An input validation error vulnerability exists in Carlo Gavazzi UWP 3.0, which stems from a la...
Carlo Gavazzi UWP 信任管理问题漏洞
Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. for applications such as building automation, energy efficiency performance management and parking lot guidance. A trust management issue vulnerability exists in Carlo Gavazzi UWP 3.0, which can be exploited ...
Carlo Gavazzi UWP 路径遍历漏洞
Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. It is used for applications such as building automation, energy efficiency performance management and parking lot guidance. A path traversal vulnerability exists in Carlo Gavazzi UWP 3.0, which can be exploit...
Carlo Gavazzi UWP 跨站脚本漏洞
Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. It is used for applications such as building automation, energy efficiency performance management and parking lot guidance. A cross-site scripting vulnerability exists in Carlo Gavazzi UWP 3.0, which can be...
Carlo Gavazzi UWP 操作系统命令注入漏洞
Carlo Gavazzi UWP is a monitoring and control Universal Web Platform from Carlo Gavazzi. for applications such as building automation, energy efficiency performance management and parking lot guidance. An operating system command injection vulnerability exists in Carlo Gavazzi UWP 3.0, which can ...
July 12, 2022—KB5015827 (OS Build 20348.825)
None None...
CVE-2021-33063
Uncontrolled search path in the IntelR RealSenseTM D400 Series UWP driver for Windows 10 before version 6.1.160.22 may allow an authenticated user to potentially enable escalation of privilege via local access...
Design/Logic Flaw
Uncontrolled search path in the IntelR RealSenseTM D400 Series UWP driver for Windows 10 before version 6.1.160.22 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2021-33063
The vulnerability CVE-2021-33063 affects the Intel RealSense D400 Series UWP driver for Windows 10 prior to version 6.1.160.22. The root cause is an uncontrolled search path, which could allow an authenticated user to escalate privileges through local access. Intel’s advisory and Red Hat/NVD entr...
Canadian Furious Beaver - A Tool For Monitoring IRP Handler In Windows Drivers, And Facilitating The Process Of Analyzing, Replaying And Fuzzing Windows Drivers For Vulnerabilities
Furious Beaver is a distributed tool for capturing IRPs sent to any Windows driver. It operates in 2 parts: 1. the "Broker" combines both a user-land agent and a self-extractable driver IrpDumper.sys that will install itself on the targeted system. Once running it will expose depending on the...
Microsoft Windows Diagnostic Hub Elevation of Privilege Vulnerability
Microsoft Windows Diagnostic Hub is an application from Microsoft Corporation USA. It is not only a task manager, but also a device diagnostic center. This application combines Windows developer tools with UWP functionality to access new information and features.Microsoft Windows Diagnostic Hub i...
Intel RealSense D400 Series 代码问题漏洞
The Intel RealSense D400 Series is a series of cameras from Intel Corporation USA that deliver real-sense technology. This series of cameras is the preferred solution for applications such as robot navigation and object recognition. A code issue vulnerability exists in the Intel RealSense D400...
Intel® RealSense™ D400 Series UWP Advisory
Summary: A potential security vulnerability in the Intel® RealSense™ D400 Series Universal Windows Platform UWP driver for Windows 10 may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-33063...
September 14, 2021—KB5005575 (OS Build 20348.230)
None None...
Binary Vulnerability in Microsoft DirectComposition
DirectComposition is a graphical interface rendering framework introduced by Microsoft in the kernel since Windows 8, mainly used for rendering windows, interfaces and animations of UWP applications. A binary vulnerability exists in Microsoft DirectComposition, which can be exploited by attackers...
CVE-2020-8763
Improper permissions in the installer for the IntelR RealSenseTM D400 Series UWP driver for Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access...