filecc (>=0.0.1 <=1.0.1), gm-i18n-migrate (>=2.7.0 <=2.9.0) +3 more potentially affected by unknown CVE via opencc (>=1.0.6 <=1.1.3)

opencc NPM version =1.0.6, =0.0.1, =2.7.0, =2.7.2, =1.0.2, =1.0.5 - wise-paas-notify-utility =1.4.10-s2t1 Source cves: unknown CVE Source advisory: OSV:GHSA-7FQQ-Q52P-2JJG...

CVE-2021-27437

The affected product allows attackers to obtain sensitive information from the WISE-PaaS dashboard. The system contains a hard-coded administrator username and password that can be used to query Grafana APIs. Authentication is not required for exploitation on the WISE-PaaS/RMM versions prior to...

CVE-2019-18229

Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Lack of sanitization of user-supplied input cause SQL injection vulnerabilities. An attacker can leverage these vulnerabilities to disclose information...

EUVD-2019-5006

Malware in sbrugna...

EUVD-2021-14191

Malware in sbrugna...

EUVD-2019-8027

Malware in sbrugna...

EUVD-2019-8029

Malware in sbrugna...

EUVD-2019-5002

Malware in sbrugna...

EUVD-2021-27574

Malicious code in bioql PyPI...

CVE-2019-18227

Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. XXE vulnerabilities exist that may allow disclosure of sensitive data...

CVE-2019-13551

Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Path traversal vulnerabilities are caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage these vulnerabilities to remotely execute code while posing as an administrator...

CVE-2019-13547

Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. There is an unsecured function that allows anyone who can access the IP address to use the function without authentication...

CVE-2021-40397

A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server 3.0.9. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2021-40397

A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server 3.0.9. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...

Privilege escalation

A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server 3.0.9. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2021-40397

A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server 3.0.9. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2021-40397

The CVE-2021-40397 entry relates to a privilege-escalation in Advantech WISE-PaaS/OTA Server 3.0.9. TALOS details describe a local attack where a specially crafted file in the OTA Server installation triggers elevation to NT AUTHORITY\SYSTEM by replacing files used by the PostgreSQL-related binar...

CVE-2021-40397

A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server 3.0.9. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...

Advantech has unspecified vulnerabilities (CNVD-2022-08290)

Advantech is an application of Advantech, a Chinese company that provides an intelligent electric bus management system.A security vulnerability exists in Advantech WISE-PaaS OTA Server 3.0.9, which can replace specially crafted files in the system to escalate privileges to NT system privileges. ...

Advantech WISE-PaaS/OTA 3.0.9 Server installation privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the installation of f Advantech WISE-PaaS/OTA Server 3.0.9. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. Tested...