13 matches found
PT-2024-26534 · Unknown · Mybatis Plus
Name of the Vulnerable Software and Affected Versions: Mybatis plus versions prior to 3.5.6 Description: A SQL injection issue allows remote attackers to obtain database information via a Boolean blind injection. The vendor notes that this can only occur in a misconfigured application, and the...
PT-2024-12283 · Hyland +1 · Hyland Perceptive Filters +2
Name of the Vulnerable Software and Affected Versions: Hyland Perceptive Filters versions prior to 2023-12-08 Cisco IronPort Email Security Appliance Software affected versions not specified Cisco Secure Email Gateway affected versions not specified Description: The issue allows attackers to...
Citrix Application Delivery Controller授权问题漏洞
Citrix Systems Citrix Application Delivery Controller ADC is an application delivery controller from Citrix Systems. The product has features such as application delivery control and load balancing. Citrix Application Delivery Controller has a security vulnerability, please follow the vendor's...
PT-2021-19754 · Qsan · Qsan Storage Manager
Name of the Vulnerable Software and Affected Versions: QSAN Storage Manager affected versions not specified Description: The issue allows remote attackers to obtain system information without permissions due to an observable behavioral discrepancy vulnerability. Recommendations: Contact QSAN and...
Cross-site Scripting Vulnerability in Hitachi Device Manager
Overview A Cross-site Scripting Vulnerability was found in Hitachi Device Manager. Impact Remote users can exploit this vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...
SSH Known Hard Coded Private Keys
The remote host is running a service that is using a publicly known SSH private key. An attacker may use this key to decrypt intercepted traffic between users and the device. A remote attacker can also perform a man-in-the-middle attack in order to gain access to the system or modify data in...
PT-2018-15031 · Hashicorp +1 · Hashicorp Consul +1
Name of the Vulnerable Software and Affected Versions: HashiCorp Consul versions 0.5.1 through 1.4.0 Description: The issue arises from the improper documentation of the verify outgoing setting, allowing HashiCorp Consul to use cleartext agent-to-agent RPC communication. This affects versions 0.5...
PT-2018-13698 · Octoprint · Octoprint
Name of the Vulnerable Software and Affected Versions: OctoPrint versions 1.3.9 and earlier Description: The issue allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests on port 8081. The vendor disputes the significance of this report, citing their...
Denial-of-service (DoS) Vulnerability in JP1 and Hitachi IT Operations Director
Overview A vulnerability to denial-of-service attacks was found in JP1 and Hitachi IT Operations Director. Impact An attacker may conduct denial-of-service attacks. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...
Vulnerability in JP1/NETM/DM and Job Management Partner 1/Software Distribution data reproduction functionality
Overview JP1/NETM/DM and Job Management Partner 1/Software Distribution contain a vulnerability that prevents them from disabling writing to built-in USB storage devices. Impact An attacker can exploit this vulnerability to prevent the affected products from disabling writing to built-in type USB...
Vulnerability in JP1/HIBUN Advanced Edition Information Cypher Removable Media Encryption
Overview Removable media encrypted by JP1/HIBUN Advanced Edition Information Cypher contains a vulnerability. Impact The contents of the removable media encrypted by JP1/HIBUN Advanced Edition Information Cypher can be accessed through PCs installed with JP1/HIBUN Advanced Edition Information...
Arbitrary Data Insertion Vulnerability in Hitachi Web Server SSL/TLS Protocol
Overview When using SSL on the Hitachi Web Server, it could allow an attacker to insert arbitrary data on the top of communication data. Impact A remote attacker could insert arbitrary data on the top of communication data. Solution Please refer to the 'Vendor Information' section for the officia...
Predictable session ID vulnerability in Access Analyzer CGI by futomi's CGI Cafe
Overview Access Analyzer CGI from futomi's CGI Cafe contains a predictable session ID vulnerability. Access Analyzer CGI provided by futomi's CGI Cafe is a software to analyze web access logs. Access Analyzer CGI contains a predictable session ID vulnerability. Impact A remote attacker could...