AVEVA Software, LLC. Security Vulnerabilities

CVE-2022-39063

When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the f_teid_len from incoming message, and then uses it to copy data from incoming message to struct f_teid without...

CVE-2023-25828

Pluck CMS is vulnerable to an authenticated remote code execution (RCE) vulnerability through its “albums” module. Albums are used to create collections of images that can be inserted into web pages across the site. Albums allow the upload of various filetypes, which undergo a normalization...

CVE-2023-42462

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. The document upload process can be diverted to delete some files. Users are advised to upgrade to version...

CVE-2022-39371

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Script related HTML tags in assets inventory information are not properly neutralized. This issue has.....

Security Bulletin: IBM QRadar Suite software is vulnerable to injection attacks

Summary IBM QRadar Suite software is vulnerable to injection attacks through dashboard parameters. This has been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version....

Exploit for Files or Directories Accessible to External Parties in Apache Struts

CVE-2023-50164: Apache Struts path traversal to RCE...

CVE-2024-37167

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Users are able to see backlog items that they should not see. This issue has been patched in Tuleap Community Edition version...

CVE-2023-42461

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. The ITIL actors input field from the Ticket form can be used to perform a SQL injection. Users are advised.....

Exploit for Incorrect Authorization in Ivanti Mobileiron Sentry

CVE-2023-38035 POC for CVE-2023-38035 affecting Ivanti Sentry...

Exploit for Forced Browsing in Fortra Goanywhere Managed File Transfer

CVE-2024-0204: Authentication Bypass in GoAnywhere MFT Script...

CVE-2022-39323

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Time based attack using a SQL injection in api REST user_token. This issue has been patched, please...

Cisco NX-OS Software Unexpected IP in IP Packet Processing (CVE-2020-10136)

Multiple products that implement the IP Encapsulation within IP standard (RFC 2003, STD 1) decapsulate and route IP-in-IP traffic without any validation, which could allow an unauthenticated remote attacker to route arbitrary traffic via an exposed network interface and lead to spoofing, access...

CVE-2023-46784

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Server-Side Request Forgery (SSRF) vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Absolute Path Traversal, : Server Side Request Forgery.This issue affects ICS Calendar: from n/a...

CVE-2023-41326

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. A logged user from any profile can hijack the Kanban feature to alter any user field, and end-up with...

CVE-2023-41320

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. UI layout preferences management can be hijacked to lead to SQL injection. This injection can be use to...

OpenVPN vulnerability

Releases Ubuntu 16.04 ESM Ubuntu 14.04 ESM Packages openvpn - virtual private network software Details It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication plugins. A remote attacker could possibly use this issue to bypass authentication using...

CVE-2024-21418 Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability

...

silverstripe/userforms file upload exposure on UserForms module

The userforms module allows CMS administrators to create public facing forms with file upload abilities. These files are uploaded into a predictable public path on the website, unless configured otherwise by the CMS administrator setting up the form. While the name of the uploaded file itself is...

Cisco ASA Software and FTD Software Web Services Interface XSS (cisco-sa-asaftd-xss-multiple-FCB3vPZe) (Direct Check)

The version of Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software running on the remote web server is affected by a cross-site scripting vulnerability. An unauthenticated, remote attacker can exploit this, by convincing a user to click a specially crafted URL, to...

K000140189: Linux kernel vulnerability CVE-2021-47572

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled (!CONFIG_IPV6) we'll hit a NULL pointer dereference[1] in the error path.....

Cisco Wireless LAN Controller Software IAPP Message Handling Denial of Service Vulnerabilities

According to its self-reported version, Cisco Wireless LAN Controller (WLC) is affected by following multiple vulnerabilities Multiple vulnerabilities in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an ...

tpm2-tss vulnerabilities

Fergus Dall discovered that TPM2 Software Stack did not properly handle layer arrays. An attacker could possibly use this issue to cause TPM2 Software Stack to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-22745) Jurgen Repp and Andreas Fuchs discovered...

Exploit for CVE-2024-1403

CVE-2024-1403 Progress OpenEdge Authentication Bypass An...

IBM HTTP Server Installed (Linux)

IBM HTTP Server is installed on the remote Linux / Unix...

ROS-20240611-02

The vulnerability of Tss2_RC_Decode and Tss2_RC_SetHandler functions of TCG TPM2 TPM2 Software Stack implementation is related to buffer copying without input data validation. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, violate its integrity, and...

Atlassian Confluence Installed (Windows)

Atlassian Confluence was detected on the remote Windows...

SuiteCRM - SQL Injection

SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in events response entry point allows for a SQL injection attack. Versions 7.14.4 and 8.6.1 contain a fix for this...

Atlassian JIRA Installed (Windows)

Atlassian JIRA, issue tracking software, was detected on the remote Windows...

Atlassian Confluence Installed (Linux)

Atlassian Confluence was detected on the remote Linux...

Exploit for Incorrect Authorization in Telegram

Disclaimer This exploit has been created solely for the...

Exploit for Command Injection in Vmware Aria Operations For Networks

CVE-2023-20887 POC for CVE-2023-20887 VMWare Aria Operations...

OpenCMS 14 & 15 - Cross Site Scripting

Cross-site scripting (XSS) vulnerability in Alkacon Software Open CMS, affecting versions 14 and 15 of the 'Mercury'...

CVE-2024-1272 Information Disclosure to Source Code in TNB Mobile Solutions' Cockpit Software

Inclusion of Sensitive Information in Source Code vulnerability in TNB Mobile Solutions Cockpit Software allows Retrieve Embedded Sensitive Data.This issue affects Cockpit Software: before...

Exploit for Improper Access Control in Papercut Papercut Mf

CVE-2023-27350 POC for CVE-2023-27350 affecting PaperCut...

Apache Struts - Multiple Open Redirection Vulnerabilities

Apache Struts is prone to multiple open-redirection vulnerabilities because the application fails to properly sanitize user-supplied...

CVE-2023-41888

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. The lack of path filtering on the GLPI URL may allow an attacker to transmit a malicious URL of login page.....

U.S. Dept Of Defense: Subdomain takeover ████████.mil

Description: The subdomain █████.mil is pointing to peosol-lg.███████., the domain ██████ is currently available for registration as can be seen at https://www.godaddy.com/nl-nl/domainsearch/find?domainToCheck=█████ Given the rules, residency of the US, of the us-tld I decided not to register the.....

Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Secure Email Gateway, formerly Email Security Appliance (ESA); and Secure Web Appliance could allow a remote attacker to conduct a cross-site scripting (XSS) attack...

Cisco Firepower Management Center Software Object Group Access Control List Bypass (cisco-sa-fmc-object-bypass-fTH8tDjq)

A vulnerability in the Object Groups for Access Control Lists (ACLs) feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco Firepower Threat Defense (FTD) Software....

CVE-2024-1272 Information Disclosure to Source Code in TNB Mobile Solutions' Cockpit Software

Inclusion of Sensitive Information in Source Code vulnerability in TNB Mobile Solutions Cockpit Software allows Retrieve Embedded Sensitive Data.This issue affects Cockpit Software: before...

Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager

CVE-2022-1388 POC for CVE-2022-1388 affecting multiple F5...

Atlassian Jira Installed (Unix / Linux)

Atlassian JIRA, issue tracking software, was detected on the remote Unix / Linux...

Atlassian JIRA Plugins Detection

The Atlassian JIRA application running on the remote host has plugins installed and...

ROS-20240607-03

A vulnerability in the lrzip.c:initialize_control component of the Irzip software tool is caused by a buffer overflow in dynamic memory. buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely, affect confidentiality, integrity and availability.....

silverstripe/userforms file upload exposure on UserForms module

The userforms module allows CMS administrators to create public facing forms with file upload abilities. These files are uploaded into a predictable public path on the website, unless configured otherwise by the CMS administrator setting up the form. While the name of the uploaded file itself is...

CVE-2024-2276 Bdtask G-Prescription Gynaecology & OBS Consultation Software Edit Venue Page cross site scripting

A vulnerability has been found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /Venue_controller/edit_venue/ of the component Edit Venue Page. The manipulation of the argument....

Atlassian Bamboo Detection

The remote host is running Atlassian Bamboo, a continuous integration server written in...

CVE-2023-21725 Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability

...

Exploit for Race Condition in Microsoft

CVE-2023-36884: MS Office HTML RCE with crafted documents On...

CVE-2024-29039 Missing check in tpm2_checkquote allows attackers to misrepresent the TPM state

tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...