14 matches found
CVE-2021-36192
An exposure of sensitive information to an unauthorized actor (CWE-200) vulnerability in FortiManager 7.0.1 and below, 6.4.6 and below, 6.2.x, 6.0.x, 5.6.0 may allow a FortiGate user to see scripts from other ADOMS...
ABB System 800xA Security Vulnerability
ABB System 800xA is a distributed control system from ABB Switzerland for the industrial control industry. ABB System 800xA has a security vulnerability that originates from storing camera passwords in clear text, which allows an attacker to stop or manipulate the video feed. The affected version...
Information disclosure
A missing cryptographic steps vulnerability (CWE-325) in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key to decipher it...
Synology DiskStation Manager (DSM) 6.2.x < 6.2.3-25423 Path Traversal Vulnerability (Synology-SA-20:06)
Synology DiskStation Manager (DSM) is prone to a path traversal vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Information disclosure
An information disclosure vulnerability in Web Vulnerability Scan profile of Fortinet's FortiWeb version 6.2.x below 6.2.4 and version 6.3.x below 6.3.5 may allow a remote authenticated attacker to read the password used by the FortiWeb scanner to access the device defined in the scan profile...
EMC RSA Archer 6.1.x, 6.2.x, 6.3.x < 6.3.0.7 and 6.4.x < 6.4.0.1 SQL Injection Vulnerability
The version of EMC RSA Archer running on the remote web server is 6.1.x, 6.2.x, 6.3.x prior to 6.3.0.7 or 6.4.x prior to 6.4.0.1. It is, therefore, affected by a SQL injection vulnerability. See advisory for details. (C) Tenable Network Security, Inc.
Atlassian Bamboo 6.1.x < 6.1.6 / 6.2.x < 6.2.5 Incorrect Permission Check RCE
According to its self-reported version number, the instance of Atlassian Bamboo running on the remote host is 6.1.x prior to 6.1.6 or 6.2.x prior to 6.2.5. It is, therefore, affected by multiple remote code execution vulnerabilities.
TIBCO JasperReports XSS Vulnerability (Nov 2017)
TIBCO JasperReports contain a vulnerability which may allow a subset of authorized users to perform persistent cross-site scripting XSS attacks.
CVE-2017-4929
VMware NSX Edge 6.2.x before 6.2.9 and 6.3.x before 6.3.5 contains a moderate Cross-Site Scripting (XSS) issue which may lead to information disclosure...
Splunk Enterprise Python Vulnerabilities (SP-CAAAPSR)
Splunk Enterprise is prone to multiple vulnerabilities in Python.
TYPO3 Multiple Cross-Site Scripting Vulnerabilities (Jan 2016)
TYPO3 is prone to multiple cross-site scripting vulnerabilities.
Juniper ScreenOS 6.2.0r15 < 6.2.0r19 / 6.3.0r12 < 6.3.0r21 Multiple Vulnerabilities (JSA10713)
The remote host is running a version of Juniper ScreenOS that is 6.2.x prior to 6.2.0r19 or 6.3.x prior to 6.3.0r21. It is, therefore, affected by multiple vulnerabilities: - A backdoor exists that allows a remote attacker administrative access to the device over SSH or telnet. (CVE-2015-7755) - A...
Splunk Enterprise 6.2.x < 6.2.2 Multiple Vulnerabilities (FREAK)
According to its version number, the Splunk Enterprise hosted on the remote web server is version 6.2.x prior to 6.2.2. It is, therefore, affected by the following vulnerabilities: - A flaw exists with ECDH handshakes when using an ECDSA certificate without a ServerKeyExchange message. This allo...
EasyPHPCalendar 6.1.5/6.2.x popup.php serverPath Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/14131/info EasyPHPCalendar is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these...