12 matches found
EUVD-2024-19253
Malicious code in bioql PyPI...
Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to Slowloris HTTP DOS attack (CVE-2022-35639)
Summary: IBM Sterling Partner Engagement Manager is vulnerable to a Slowloris attack, a type of denial-of-service (DoS) attack which targets threaded web servers. The issue has been addressed. Vulnerability Details: CVEID: CVE-2022-35639 DESCRIPTION: IBM Sterling Partner Engagement Manager does not limi...
PT-2024-25431 · Veritas · Veritas Backup Exec
Name of the Vulnerable Software and Affected Versions: Veritas Backup Exec versions prior to 22.2 HotFix 917391 Description: An issue was discovered that allows for DLL Hijacking in the Windows DLL Search path due to improper access controls. Recommendations: For versions prior to 22.2 HotFix...
Mobatek MobaXterm < 22.2 (CVE-2022-38336)
The version of Mobatek MobaXterm installed on the remote host is prior to 22.2. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-38336 advisory. - An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP...
Design/Logic Flaw
An Incomplete Cleanup vulnerability in the Nonstop active routing (NSR) component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a memory leak leading to Denial of Service (DoS). On all Junos OS platforms, when NSR is enabled, a BGP flap will cause a memory leak. A manual...
CVE-2023-5913
Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges. This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...
CVE-2023-5913 A potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.
Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges. This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...
BeyondTrust Privileged Remote Access Authorization Issues Vulnerability
BeyondTrust Privileged Remote Access (BeyondTrust PRA) is a privileged remote access software from BeyondTrust Corporation. A security vulnerability exists in BeyondTrust Privileged Remote Access (PRA) versions 22.2.x, 22.3.x, and 22.4.x series, which stems from the presence of a local authenticati...
CVE-2023-23632
BeyondTrust Privileged Remote Access PRA versions 22.2.x to 22.4.x are vulnerable to a local authentication bypass. Attackers can exploit a flawed secret verification process in the BYOT shell jump sessions, allowing unauthorized access to jump items by guessing only the first character of the...
Juniper Networks Junos OS SRX Security Vulnerability
Juniper Networks Junos OS SRX is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS SRX that originates from a check or...
Juniper Networks Junos OS and Junos OS Evolved Security Vulnerability
Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc. Juniper Networks Junos OS is a network operating system designed for use with the company's hardware devices. The operating system provides a secure programming interface and the Junos...
PT-2022-15390 · Ibm · Ibm Sterling Partner Engagement Manager
Name of the Vulnerable Software and Affected Versions: IBM Sterling Partner Engagement Manager versions 6.1.2, 6.2, and Cloud/SaaS 22.2 Description: The issue allows a remote authenticated attacker to conduct an LDAP injection by using a specially crafted request. This could result in granting...