Gallagher Command Centre Server 安全漏洞

Gallagher Command Centre Server is a management system for monitoring and managing infrastructure in buildings from Gallagher New Zealand. A security vulnerability exists in Gallagher Command Centre Server, which arises from the inclusion of functionality from an untrusted span of control that...

CVE-2024-21838

Improper neutralization of special elements in output CWE-74 used by the email generation feature of the Command Centre Server could lead to HTML code injection in emails generated by Command Centre. This issue affects: Gallagher Command Centre 9.00 prior to vEL9.00.1774 MR2, 8.90 prior to...

Design/Logic Flaw

An observable response discrepancy in the Gallagher Command Centre RESTAPI allows an insufficiently-privileged user to infer the presence of items that would not otherwise be viewable. This issue affects: Gallagher Command Centre 8.70 prior to vEL8.70.1787 MR2, 8.60 prior to vEL8.60.2039 MR4, all...

Amazon Linux AMI : ghostscript (ALAS-2023-1853)

The version of ghostscript installed on the remote host is prior to 8.70-24.32. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1853 advisory. A divide by zero issue discovered in epsprintpage in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers ...