213680 matches found
Design/Logic Flaw
A vulnerability has been identified in Polarion ALM All versions. The affected product is vulnerable due to weak file and folder permissions in the installation path. An attacker with local access could exploit this vulnerability to escalate privileges to NT AUTHORITY\SYSTEM...
Code injection
A vulnerability has been identified in Polarion ALM All versions. The REST API endpoints of doorsconnector of the affected product lacks proper authentication. An unauthenticated attacker could access the endpoints, and potentially execute code...
Privilege escalation
A vulnerability has been identified in Unicam FX All versions. The windows installer agent used in affected product contains incorrect use of privileged APIs that trigger the Windows Console Host conhost.exe as a child process with SYSTEM privileges. This could be exploited by an attacker to...
Null pointer dereference
A vulnerability has been identified in Parasolid V35.0 All versions V35.0.251, Parasolid V35.1 All versions V35.1.170. The affected applications contain a null pointer dereference vulnerability while parsing specially crafted XT files. An attacker could leverage this vulnerability to crash the...
Stack overflow
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions V2201.0012, Tecnomatix Plant Simulation V2302 All versions V2302.0006. The affected applications contain a stack overflow vulnerability while parsing specially crafted WRL files. This could allow an attacker to...
Stack overflow
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions V2201.0012, Tecnomatix Plant Simulation V2302 All versions V2302.0006. The affected applications contain a stack overflow vulnerability while parsing specially crafted WRL files. This could allow an attacker to...
Design/Logic Flaw
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions V2201.0012, Tecnomatix Plant Simulation V2302 All versions V2302.0006. The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted WRL file. Thi...
Design/Logic Flaw
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions, Tecnomatix Plant Simulation V2302 All versions V2302.0007. The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could all...
Sql injection
A vulnerability has been identified in SINEC NMS All versions V2.0 SP1. The affected application is vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database...
Null pointer dereference
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions, Tecnomatix Plant Simulation V2302 All versions V2302.0007. The affected applications contain a null pointer dereference vulnerability while parsing specially crafted SPP files. An attacker could leverage this...
Remote code execution
A vulnerability has been identified in SINEC NMS All versions V2.0 SP1. The affected application allows users to upload arbitrary files via TFTP. This could allow an attacker to upload malicious firmware images or other files, that could potentially lead to remote code execution...
Out-of-bounds
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions V2201.0012, Tecnomatix Plant Simulation V2302 All versions V2302.0006. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. Th...
Stack overflow
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions V2201.0012, Tecnomatix Plant Simulation V2302 All versions V2302.0006. The affected applications contain a stack overflow vulnerability while parsing specially crafted PSOBJ files. This could allow an attacker t...
Hardcoded credentials
A vulnerability has been identified in Location Intelligence Perpetual Large 9DE5110-8CA13-1AX0 All versions V4.3, Location Intelligence Perpetual Medium 9DE5110-8CA12-1AX0 All versions V4.3, Location Intelligence Perpetual Non-Prod 9DE5110-8CA10-1AX0 All versions V4.3, Location Intelligence...
Command injection
A vulnerability has been identified in SINEC NMS All versions V2.0 SP1. The affected application incorrectly neutralizes special elements when creating a report which could lead to command injection...
Design/Logic Flaw
A vulnerability has been identified in Simcenter Femap All versions V2306.0000. The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the curre...
Design/Logic Flaw
A vulnerability has been identified in Simcenter Femap All versions V2401.0000. The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the curre...
Memory corruption
A vulnerability has been identified in Simcenter Femap All versions V2401.0000. The affected application is vulnerable to memory corruption while parsing specially crafted Catia MODEL files. This could allow an attacker to execute code in the context of the current process. ZDI-CAN-21712...
Design/Logic Flaw
A vulnerability has been identified in Simcenter Femap All versions V2306.0000. The affected application is vulnerable to uninitialized pointer access while parsing specially crafted Catia MODEL files. An attacker could leverage this vulnerability to execute code in the context of the current...
Design/Logic Flaw
A vulnerability has been identified in OpenPCS 7 V9.1 All versions, SIMATIC BATCH V9.1 All versions, SIMATIC PCS 7 V9.1 All versions, SIMATIC Route Control V9.1 All versions, SIMATIC WinCC Runtime Professional V18 All versions, SIMATIC WinCC Runtime Professional V19 All versions, SIMATIC WinCC V7...
Design/Logic Flaw
A vulnerability has been identified in OpenPCS 7 V9.1 All versions, SIMATIC BATCH V9.1 All versions, SIMATIC PCS 7 V9.1 All versions, SIMATIC Route Control V9.1 All versions, SIMATIC WinCC Runtime Professional V18 All versions, SIMATIC WinCC Runtime Professional V19 All versions, SIMATIC WinCC V7...
Out-of-bounds
A vulnerability has been identified in Parasolid V35.0 All versions V35.0.263, Parasolid V35.1 All versions V35.1.252, Parasolid V36.0 All versions V36.0.198, Solid Edge All versions V223.0.11. The affected applications contain an out of bounds read past the end of an allocated structure while...
Design/Logic Flaw
A vulnerability has been identified in SIMATIC CP 343-1 6GK7343-1EX30-0XE0 All versions, SIMATIC CP 343-1 Lean 6GK7343-1CX10-0XE0 All versions, SIPLUS NET CP 343-1 6AG1343-1EX30-7XE0 All versions, SIPLUS NET CP 343-1 Lean 6AG1343-1CX10-2XE0 All versions. Affected products incorrectly validate TCP...
Null pointer dereference
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions, Tecnomatix Plant Simulation V2302 All versions V2302.0007. The affected applications contain a null pointer dereference vulnerability while parsing specially crafted SPP files. An attacker could leverage this...
Out-of-bounds
A vulnerability has been identified in Simcenter Femap All versions V2401.0000, Simcenter Femap All versions V2306.0001. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted Catia MODEL files. This could allow an attacker t...
Design/Logic Flaw
A vulnerability has been identified in Simcenter Femap All versions V2401.0000. The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the curre...
Null pointer dereference
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions, Tecnomatix Plant Simulation V2302 All versions V2302.0007. The affected applications contain a null pointer dereference vulnerability while parsing specially crafted SPP files. An attacker could leverage this...
Heap overflow
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions V2201.0012, Tecnomatix Plant Simulation V2302 All versions V2302.0006. The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker...
Command injection
Dell PowerProtect Data Manager, version 19.15 and prior versions, contain an OS command injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privilege...
Design/Logic Flaw
Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password recovery mechanism for forgotten passwords. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromise...
Privilege escalation
Incorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote authenticated attacker who has logged into the product as a...
Cross site request forgery (csrf)
The Plack::Middleware::XSRFBlock package before 0.0.19 for Perl allows attackers to bypass a CSRF protection mechanism via an empty form value and an empty cookie if signed cookies are disabled...
Cross site request forgery (csrf)
The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allows attackers to obtain sensitive information or cause a denial of service...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Photoboxone SMTP Mail.This issue affects SMTP Mail: from n/a through 1.3.20...
Authentication flaw
Versions of the package svix before 1.17.0 are vulnerable to Authentication Bypass due to an issue in the verify function where signatures of different lengths are incorrectly compared. An attacker can bypass signature verification by providing a shorter signature that matches the beginning of th...
Authorization
The SAP Fiori app My Overtime Request - version 605, does not perform the necessary authorization checks for an authenticated user which may result in an escalation of privileges. It is possible to manipulate the URLs of data requests to access information that the user should not have access to...
Xxe
An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure 9.x, 22.x, Ivanti Policy Secure 9.x, 22.x and ZTA gateways which allows an attacker to access certain restricted resources without authentication...
Design/Logic Flaw
SAP Companion - version 3.1.38, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information and cause minor impact on the integrity of the web application...
Authorization
SAP Master Data Governance for Material Data - versions 618, 619, 620, 621, 622, 800, 801, 802, 803, 804, does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read some sensitive information but no impact ...
Input validation
Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the...
Cross site scripting
Print preview option in SAP CRM WebClient UI - versions S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, S4FND 108, WEBCUIF 700, WEBCUIF 701, WEBCUIF 730, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled...
Authorization
In SAP ABA Application Basis - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75I, an attacker authenticated as a user with a remote execution authorization can use a vulnerable interface. This allows the attacker to use the interface to invoke an application function to perform actions...
Code injection
SAP IDES ECC-systems contain code that permits the execution of arbitrary program code of user's choice.An attacker can therefore control the behaviour of the system by executing malicious code which can potentially escalate privileges with low impact on confidentiality, integrity and availabilit...
Cross site scripting
SAP CRM WebClient UI - version S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An attacker wi...
Design/Logic Flaw
SAP NetWeaver Application Server ABAP - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.93, KERNEL 7.94, KRNL64UC 7.53, under certain conditions, allows an attacker to access information which could otherwise be restricted with low impact on confidentiality of t...
Design/Logic Flaw
SAP Bank Account Management BAM allows an authenticated user with restricted access to use functions which can result in escalation of privileges with low impact on confidentiality, integrity and availability of the application...
Design/Logic Flaw
SAP NetWeaver AS Java CAF - Guided Procedures - version 7.50, allows an unauthenticated attacker to submit a malicious request with a crafted XML file over the network, which when parsed will enable him to access sensitive files and data but not modify them. There are expansion limits in place so...
Command injection
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later...
Command injection
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later...
Cross site scripting
SAP NWBC for HTML - versions SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, SAPBASIS 700, SAPBASIS 701, SAPBASIS 702, SAPBASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An unauthenticated attacker can inject malicious...