26 matches found
kernel: Linux kernel: Privilege escalation via out-of-bounds write in RDMA/siw
A flaw was identified in the Linux kernel RDMA siw implementation where an undefined opcode value could be used during immediate work request flushing while in an error state. The send queue element opcode was not correctly set, which could lead to an out-of-bounds access when mapping between the...
CVE-2023-48644
An issue was discovered in the Archibus app 4.0.3 for iOS. There is an XSS vulnerability in the create work request feature of the maintenance module, via the description field. This allows an attacker to perform an action on behalf of the user, exfiltrate data, and so on...
ARCHIBUS Cross-Site Scripting Vulnerability
ARCHIBUS is a software platform from ARCHIBUS focused on helping organizations effectively manage their real estate, facilities and infrastructure to improve efficiency, reduce costs and support strategic planning. A cross-site scripting vulnerability exists in ARCHIBUS version 4.0.3 iOS, which...
CVE-2023-48644
An issue was discovered in the Archibus app 4.0.3 for iOS. There is an XSS vulnerability in the create work request feature of the maintenance module, via the description field. This allows an attacker to perform an action on behalf of the user, exfiltrate data, and so on...
PT-2024-13616 · Archibus · Archibus
Name of the Vulnerable Software and Affected Versions: Archibus app version 4.0.3 for iOS Description: An issue was discovered in the create work request feature of the maintenance module, via the description field. This allows an attacker to perform an action on behalf of the user, exfiltrate...
CVE-2023-48644
The CVE-2023-48644 entry affects Archibus app version 4.0.3 on iOS, with a cross-site scripting (XSS) vulnerability in the description field of the maintenance module’s Create Work Request feature. The underlying issue allows an attacker to perform actions on behalf of the user and exfiltrate dat...