213680 matches found
Cross site scripting
A Stored XSS issue in shared files download terms in Filerun Update 20220202 allows attackers to inject JavaScript code that is executed when a user follows the crafted share link...
Default credentials
On affected platforms running Arista MOS, the configuration of a BGP password will cause the password to be logged in clear text that can be revealed in local logs or remote logging servers by authenticated users, as well as appear in clear text in the device’s running config...
Design/Logic Flaw
msgraph-sdk-php is the Microsoft Graph Library for PHP. The Microsoft Graph PHP SDK published packages which contained test code that enabled the use of the phpInfo function from any application that could access and execute the file at vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php. The...
Design/Logic Flaw
microsoft-graph-core the Microsoft Graph Library for PHP. The Microsoft Graph Beta PHP SDK published packages which contained test code that enabled the use of the phpInfo function from any application that could access and execute the file at...
Directory traversal
PyDrive2 is a wrapper library of google-api-python-client that simplifies many common Google Drive API V2 tasks. Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, o...
Server side request forgery (ssrf)
EspoCRM is an Open Source CRM Customer Relationship Management software. In affected versions there is Server-Side Request Forgery SSRF vulnerability via the upload image from url api. Users who have access to the /Attachment/fromImageUrl endpoint can specify URL to point to an internal host. Eve...
Authentication flaw
Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using accent characters, resulting in an MFA bypass...
Command injection
Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability...
Deserialization of untrusted data
An issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. Elastic would like to thank Yakov Shafranovich, with Amazon Web Services for reporting this issue...
Default credentials
Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system...
Design/Logic Flaw
Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular it appears as if the removal of PKCS1 padding may leak timing...
Code injection
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads tha...
Privilege escalation
An Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability for a user to authenticate against the management plane. An authenticated admin-level user may be able to delete the "admin" or "serveradmin" users, which prevents authentication from subsequently...
Design/Logic Flaw
An issue exists in SoftIron HyperCloud where drive caddy removal and reinsertion without a reboot may erroneously cause the system to recognize the caddy as new media and wipe all data on the drives due to a missing synchronization flaw, which impacts data availability and integrity. This issue...
Code injection
Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information tampering, code execution, denial of service...
Information disclosure
Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information disclosure, information tampering, code execution, denial ...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/category/update...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/tag/update...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/category/delete...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/category/updateStatus...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/div/delete...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF via /admin/slide/delete...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/form/save...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/friendlink/update...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/friendlink/delete...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/nav/save...
Memory corruption
The tokio-boring library in version 4.0.0 is affected by a memory leak issue that can lead to excessive resource consumption and potential DoS by resource exhaustion. The setexdata function used by the library did not deallocate memory used by pre-existing data in memory each time after completin...
Design/Logic Flaw
A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/div/update...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/nav/update...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via admin/nav/delete...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/tag/delete...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via the component /admin/friendlink/save...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/slide/update...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/tag/save...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/slide/save...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/category/save...
Code injection
The TETRA TA61 identity encryption function internally uses a 64-bit value derived exclusively from the SCK Class 2 networks or CCK Class 3 networks. The structure of TA61 allows for efficient recovery of this 64-bit value, allowing an adversary to encrypt or decrypt arbitrary identities given on...
Integer overflow
An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability...
Privilege escalation
Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the aufs packa...
Privilege escalation
Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the...
Privilege escalation
Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the mxsldr...
Privilege escalation
Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the aufs-util...
Privilege escalation
Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the...
Design/Logic Flaw
A data integrity vulnerability exists in the BRNOCHECKHASHFOR functionality of Buildroot 2023.08.1 and dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder...
Design/Logic Flaw
When a Multipart request is performed but some of the fields exceed the maxStringLength limit, the upload files will remain in struts.multipart.saveDir even if the request has been denied. Users are recommended to upgrade to versions Struts 2.5.32 or 6.1.2.2 or Struts 6.3.0.1 or greater, which...
Design/Logic Flaw
The MMS Interpreter of WagoAppRTU in versions below 1.4.6.0 which is used by the WAGO Telecontrol Configurator is vulnerable to malformed packets. An remote unauthenticated attacker could send specifically crafted packets that lead to a denial-of-service condition until restart of the affected...
Authentication flaw
An argument injection vulnerability has been identified in the administrative web interface of the Atos Unify OpenScape products "Session Border Controller" SBC and "Branch", before version V10 R3.4.0, and OpenScape "BCF" before versions V10R10.12.00 and V10R11.05.02. This allows an unauthenticat...
Code injection
Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are recommended to upgrade to version 18.12.10...
Design/Logic Flaw
An issue in MLFlow versions 2.8.1 and before allows a remote attacker to obtain sensitive information via a crafted request to REST API...