10 matches found
GHOSTS 路径遍历漏洞
GHOSTS is an open source realistic user simulation framework for network experiments, simulations, training and exercises from the Software Engineering Institute. A path traversal vulnerability exists in GHOSTS versions 8.0.0.0 through prior to 8.2.7.90, which stems from the presence of a path...
PT-2025-7627 · Ghosts · Ghosts
Name of the Vulnerable Software and Affected Versions: GHOSTS versions 8.0.0.0 through 8.2.7.89 Description: A path traversal vulnerability was discovered in GHOSTS that allows an attacker to access files outside of the intended directory through the photo retrieval endpoint. The vulnerability...
CVE-2022-2975
A vulnerability related to weak permissions was detected in Avaya Aura Application Enablement Services web application, allowing an administrative user to modify accounts leading to execution of arbitrary code as the root user. This issue affects Application Enablement Services versions 8.0.0.0...
CVE-2021-25653
A privilege escalation vulnerability was discovered in Avaya Aura Appliance Virtualization Platform Utilities AVPU that may potentially allow a local user to escalate privileges. Affects 8.0.0.0 through 8.1.3.1 versions of AVPU...
Avaya Aura Appliance Virtualization Platform Utilities (AVPU) 安全漏洞
Avaya Aura AVPU is an application virtualization platform utility from Avaya, USA. It provides features for the AVP platform, such as AVP alert and log collection, dual-stack support, service access, and out-of-band management. A security vulnerability exists in Avaya Aura Appliance Virtualizatio...
Security Bulletin: IBM MQ Appliance is affected by an OpenSSL vulnerability (CVE-2019-1559)
Summary IBM MQ Appliance has addressed the following OpenSSL vulnerability. Vulnerability Details CVEID: CVE-2019-1559 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a...
PT-2019-16887 · Ibm · Ibm Websphere Mq
Name of the Vulnerable Software and Affected Versions: IBM WebSphere MQ versions 8.0.0.0 through 8.0.0.9 IBM WebSphere MQ versions 9.0.0.0 through 9.1.1 Description: The issue allows a local non-privileged user to execute code as an administrator due to incorrect permissions set on MQ installatio...
PT-2019-16856 · Ibm · Ibm Websphere Mq
Name of the Vulnerable Software and Affected Versions: IBM WebSphere MQ versions 8.0.0.0 through 8.0.0.9 IBM WebSphere MQ versions 9.0.0.0 through 9.1.1 Description: The issue allows a local attacker to cause a denial of service within the error log reporting system. Recommendations: For IBM...
Security Bulletin: IBM MQ can allow an attacker to execute a privilege escalation attack on a local machine. (CVE-2018-1792)
Summary A problem within IBM MQ queue manager libraries could allow an attacker who has mqm login access to a server to use IBM MQ to escalate their privileges on that system and gain access to the root user. Vulnerability Details CVEID: CVE-2018-1792 DESCRIPTION: IBM MQ could allow a local user ...
Security Bulletin: IBM MQ Appliance is affected by a UI message injection vulnerability (CVE-2018-1666)
Summary IBM MQ Appliance has addressed the following UI message injection vulnerability. Vulnerability Details CVEID: CVE-2018-1666 DESCRIPTION: IBM WebSphere DataPower Appliances could allow an authenticated user to inject arbitrary messages that would be displayed on the UI. CVSS Base Score: 4....