118 matches found
cockpit: Unauthenticated remote code execution due to SSH command-line argument injection
An update is available for cockpit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Cockpit enables users to administer GNU/Linux servers using a web browser. It...
EUVD-2004-0610
Malware in sbrugna...
CVE-2024-28052
The WBR-6012 is a wireless SOHO router. It is a low-cost device which functions as an internet gateway for homes and small offices while aiming to be easy to configure and operate. In addition to providing a WiFi access point, the device serves as a 4-port wired router and implements a variety of...
CVE-2024-28052
The CVE-2024-28052 entry concerns LevelOne WBR-6012, a wireless SOHO router. Talos reports a buffer overflow in the Web Application when handling HTTP POST requests with a URI length of 1454+ characters that do not start with /upn or /upg, causing a crash/reboot and potential access to a backdoor...
LevelOne WBR-6012 Web Application denial of service vulnerability
Talos Vulnerability Report TALOS-2024-2001: LevelOne WBR-6012 Web Application denial of service vulnerability. October 30, 2024. CVE Number: CVE-2024-33623. Summary: A denial of service vulnerability exists in the Web Application functionality of LevelOne WBR-6012 R0.40e6. A specially crafted HTTP...
PT-2024-22238 · Wbr-6012 · Wbr-6012
Name of the Vulnerable Software and Affected Versions: WBR-6012 (affected versions not specified). Description: The WBR-6012 is a wireless SOHO router that functions as an internet gateway for homes and small offices. It provides a WiFi access point and serves as a 4-port wired router, implementing...
Moderate: Red Hat Security Advisory: cockpit security update
An update for cockpit is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
Cisco Unity Connection Cross-Site Scripting Vulnerability (CNVD-2024-10470)
Cisco Unity Connection (UC) is a set of voice messaging platforms from the U.S. company Cisco. The platform can use voice commands to make calls or listen to messages hands-free. Cisco Unity Connection suffers from a cross-site scripting vulnerability that stems from the web-based...
Sysax Multi Server 6.95 - (Password) Denial of Service Exploit
Exploit Title: Sysax Multi Server 6.95 - 'Password' Denial of Service (PoC); Discovery by: Luis Martinez; Vendor Homepage: https://www.sysax.com/; Software Link: https://www.sysax.com/download/sysaxservsetup.msi; Tested Version: 6.95; Vulnerability Type: Denial of Service (DoS) Local; Tested on OS: Windows...
Security Bulletin: IBM CICS TX Standard is vulnerable to information disclosure due to IBM WebSphere Application Server Liberty (CVE-2022-22393)
Summary: WebSphere Application Server Liberty is used by IBM CICS TX Standard to provide a web based administration console. The fix removes the information disclosure vulnerability CVE-2022-22393 from Liberty. Vulnerability Details: CVEID: CVE-2022-22393. DESCRIPTION: IBM WebSphere Application Serve...
Cross-site scripting (XSS) in Apache ActiveMQ
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0...
GHSA-66GW-CH5V-74V8 Cross-site scripting (XSS) in Apache ActiveMQ
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0...
CVE-2020-13947
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0...
CVE-2018-8006
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the queue.jsp page of Apache ActiveMQ versions 5.0.0 to 5.15.5. The root cause of this issue is improper data filtering of the QueueFilter parameter...
Dell EMC Isilon OneFS XSS / Code Execution / CSRF
Core Security - Corelabs Advisory (http://corelabs.coresecurity.com/). Dell EMC Isilon OneFS Multiple Vulnerabilities. 1. Advisory Information. Title: Dell EMC Isilon OneFS Multiple Vulnerabilities; Advisory ID: CORE-2017-0009; Advisory URL:...
CVE-2016-6810
In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation...
Cross site scripting
In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation...