4 matches found
CVE-2020-11450
Microstrategy Web 10.4 exposes the JVM configuration, CPU architecture, installation folder, and other information through the URL /MicroStrategyWS/happyaxis.jsp. An attacker could use this vulnerability to learn more about the environment the application is running in. This issue has been...
CVE-2024-45205
An Improper Certificate Validation on the UniFi iOS App managing a standalone UniFi Access Point not using UniFi Network Application could allow a malicious actor with access to an adjacent network to take control of this UniFi Access Point. Affected Products: UniFi iOS App Version 10.17.7 and...
GHSA-F632-9449-3J4W Apache Tomcat - XSS in generated JSPs
Description: The fix for improvement 69333 caused pooled JSP tags not to be released after use which in turn could cause output of some tags not to escaped as expected. This unescaped output could lead to XSS. Versions Affected: - Apache Tomcat 11.0.0 - Apache Tomcat 10.1.31 - Apache Tomcat 9.0.9...
3S CODESYS Gateway Null Pointer Exception Vulnerability
OVERVIEW Ashish Kamble of Qualys, Inc has identified a null pointer exception vulnerability in 3S-Smart Software Solutions GmbH’s CODESYS Gateway Server. 3S-Smart Software Solutions GmbH has produced a new version to mitigate this vulnerability. Ashish Kamble has tested the new version to validat...