20 matches found
[R1] Stand-alone Security Patches Available for Tenable Security Center versions 6.4.x, 6.5.1 and 6.6.0: SC-202508.1
R1 Stand-alone Security Patches Available for Tenable Security Center versions 6.4.x, 6.5.1 and 6.6.0: SC-202508.1 Arnie Cabral Thu, 08/28/2025 - 11:18 Security Center leverages third-party software to help provide underlying functionality. Several of the third-party components Apache, PHP, sqlit...
CVE-2025-32357
In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to use the Zammad API to fetch knowledge base content that they have no permission for...
QNAP Photo Station Path Traversal Vulnerability (QSA-24-13)
QNAP Photo Station is prone to a path traversal vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:qnap:photostation"...
QNAP Photo Station Multiple Vulnerabilities (QSA-24-08)
QNAP Photo Station is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:qnap:photostation"; if...
Atlassian JIRA SEoL (6.4.x)
According to its version, Atlassian JIRA is 6.4.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C...
Fortinet FortiOS 跨站脚本漏洞
Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A security vulnerability exists ...
GHSA-32RP-Q37P-JG6W Insecure plugin handling in Mattermost
Mattermost version 6.4.x and earlier fails to properly check the plugin version when a plugin is installed from the Marketplace, which allows an authenticated and an authorized user to install and exploit an old plugin version from the Marketplace which might have known vulnerabilities...
CVE-2022-1384
Mattermost version 6.4.x and earlier fails to properly check the plugin version when a plugin is installed from the Marketplace, which allows an authenticated and an authorized user to install and exploit an old plugin version from the Marketplace which might have known vulnerabilities...
CVE-2022-24758
The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter server logs by...
EMC RSA Archer 6.1.x, 6.2.x, 6.3.x < 6.3.0.7 and 6.4.x < 6.4.0.1 SQL Injection Vulnerability
The version of EMC RSA Archer running on the remote web server is 6.1.x, 6.2.x, 6.3.x prior to 6.3.0.7 or 6.4.x prior to 6.4.0.1. It is, therefore, affected by SQL Injection Vulnerability. See advisory for details. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11221...
Cross site scripting
Cross-site scripting vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk Enterprise 6.0.x prior to 6.0.12, Splunk Enterprise 5.0.x prior to 5.0.16 and Splunk Light...
Splunk Enterprise 6.4.x < 6.4.7 Multiple Vulnerabilities
According to its self-reported version number, the version of Splunk Enterprise running on the remote web server is 6.4.x prior to 6.4.7. It is, therefore, affected by multiple vulnerabilities : - Multiple cross-site scripting XSS vulnerabilities exist due to improper validation of user-supplied...
Airwatch 6.1.x / 6.4.x LDAP Injection
https://www.osisecurity.com.au/airwatch-self-service-portal-username-parameter-ldap-injection.html Date: 04-Apr-2017 Product: AirWatch Self Service MDM Versions affected: v6.1.x v6.4.x Vulnerability: LDAP injection Example: https://target/DeviceManagement/ URL accepts the following POST parameter...
Design/Logic Flaw
Splunk Web in Splunk Enterprise versions 6.5.x before 6.5.2, 6.4.x before 6.4.5, 6.3.x before 6.3.9, 6.2.x before 6.2.13, 6.1.x before 6.1.12, 6.0.x before 6.0.13, 5.0.x before 5.0.17 and Splunk Light versions before 6.5.2 allows remote authenticated users to cause a denial of service daemon cras...
Atlassian JIRA 6.4.x < 6.4.11 Multiple Vulnerabilities
Binary data 9918.prm...
Splunk Enterprise Python Vulnerabilities (SP-CAAAPSR)
Splunk Enterprise is prone to multiple vulnerabilities in Python. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:splunk:splunk";...
Input validation
IBM Tivoli Storage Manager for Space Management aka Spectrum Protect for Space Management 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output...
Skybox Security 6.3.x - 6.4.x - Multiple Information Disclosure
No description provided by source...
QNX 6.4.x/6.5.x ifwatchd - Local root Exploit
No description provided by source. !/bin/sh QNX 6.4.x/6.5.x ifwatchd local root exploit by cenobyte 2013 [email protected] - vulnerability description: Setuid root ifwatchd watches for addresses added to or deleted from network interfaces and calls up/down scripts for them. Any user can...
Skybox Security 6.3.x < 6.4.x - Multiple Denial of Service Vulnerabilities
Exploit Title: SKYBOX Security - DDOS Date: 22-Jan-2014 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.skyboxsecurity.com Version: Skybox View Appliances with ISO versions: 6.3.33-2.14, 6.3.31-2.14, 6.4.42-2.54, 6.4.45-2.56, 6.4.46-2.57 Tested on: Centos 6.4 kernel 2.6.32 CVE :...