Количество 289 610
Количество 289 610
GHSA-29qc-f8cr-rmg5
An information disclosure vulnerability exists in SAP Landscape Management - version 3.0, enterprise edition. It allows an authenticated SAP Landscape Management user to obtain privileged access to other systems making those other systems vulnerable to information disclosure and modification.The disclosed information is for Diagnostics Agent Connection via Java SCS Message Server of an SAP Solution Manager system and can only be accessed by authenticated SAP Landscape Management users, but they can escalate their privileges to the SAP Solution Manager system.
GHSA-29qc-7h9x-7mpw
Unrestricted file upload vulnerability in config/upload.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to upload and execute arbitrary PHP files in images/, possibly related to config/admin.php.
GHSA-29q9-j4j7-vqf4
Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via access_token.php.
GHSA-29q9-4h2h-9p7g
Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag.
GHSA-29q8-r6j6-rcv6
HCL DevOps Deploy / HCL Launch could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service.
GHSA-29q7-v5hv-33hm
Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps Server 2010 SP2 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free Vulnerability."
GHSA-29q6-xr6f-w93f
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier allow remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message, a similar issue to CVE-2014-3572.
GHSA-29q6-p2cg-4v23
Arbitrary file write vulnerability in Jenkins Pipeline: Input Step Plugin
GHSA-29q6-h2f3-x724
Missing Authorization vulnerability in AddonMaster Post Grid Master.This issue affects Post Grid Master: from n/a through 3.4.7.
GHSA-29q6-2h5v-5h96
SQL injection vulnerability in comments.php in WSN Links 2.20 allows remote attackers to execute arbitrary SQL commands via the id parameter.
GHSA-29q4-jv6w-vrg6
IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
GHSA-29q4-gxjq-rx5c
Remote Code Execution in SCIMono
GHSA-29q2-x88c-692h
Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c.
GHSA-29q2-fp4w-f7hm
The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files.
GHSA-29q2-994c-m8hr
An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Leptonica before 1.75.3. Unsanitized input (rootname) can overflow a buffer, leading potentially to arbitrary code execution or possibly unspecified other impact.
GHSA-29q2-69mh-57j9
An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is exploitable on VAX and Alpha and may cause a process crash on IA64. Software was affected regardless of whether it was directly shipped by VMS Software, Inc. (VSI), HPE, HP, Compaq, or Digital Equipment Corporation.
GHSA-29px-hvx8-j7xf
This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clients that are waiting for recursion to complete. If there are sufficient clients already waiting when a new client query is received so that it is necessary to SERVFAIL the longest waiting client (see BIND 9 ARM `recursive-clients` limit and soft quota), then it is possible for a race to occur between providing a stale answer to this older client and sending an early timeout SERVFAIL, which may cause an assertion failure. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1.
GHSA-29px-fxx4-vhvc
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software does not restrict the maximum size of certain files that can be written to disk. An attacker who has valid administrator credentials for an affected system could exploit this vulnerability by sending a crafted, remote connection request to an affected system. A successful exploit could allow the attacker to write a file that consumes most of the available disk space on the system, causing application functions to operate abnormally and leading to a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 12.5(1)SR1.
GHSA-29px-fjqx-xh4f
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux root user, aka an Insecure Default Password Vulnerability. More Information: CSCvc76631. Known Affected Releases: 2.2(9.76).
GHSA-29pw-wh27-wxcp
SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when RestfulServiceUtility.NET.dll doesn't properly validate user provided strings before constructing SQL queries. Formerly ZDI-CAN-4639 and ZDI-CAN-4638.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
---|---|---|---|---|
GHSA-29qc-f8cr-rmg5 An information disclosure vulnerability exists in SAP Landscape Management - version 3.0, enterprise edition. It allows an authenticated SAP Landscape Management user to obtain privileged access to other systems making those other systems vulnerable to information disclosure and modification.The disclosed information is for Diagnostics Agent Connection via Java SCS Message Server of an SAP Solution Manager system and can only be accessed by authenticated SAP Landscape Management users, but they can escalate their privileges to the SAP Solution Manager system. | CVSS3: 8.7 | 0% Низкий | больше 2 лет назад | |
GHSA-29qc-7h9x-7mpw Unrestricted file upload vulnerability in config/upload.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to upload and execute arbitrary PHP files in images/, possibly related to config/admin.php. | 1% Низкий | больше 3 лет назад | ||
GHSA-29q9-j4j7-vqf4 Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via access_token.php. | CVSS3: 6.1 | 5% Низкий | около 3 лет назад | |
GHSA-29q9-4h2h-9p7g Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag. | 1% Низкий | больше 3 лет назад | ||
GHSA-29q8-r6j6-rcv6 HCL DevOps Deploy / HCL Launch could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service. | CVSS3: 6.3 | 0% Низкий | 5 месяцев назад | |
GHSA-29q7-v5hv-33hm Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps Server 2010 SP2 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free Vulnerability." | 56% Средний | больше 3 лет назад | ||
GHSA-29q6-xr6f-w93f EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier allow remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message, a similar issue to CVE-2014-3572. | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад | |
GHSA-29q6-p2cg-4v23 Arbitrary file write vulnerability in Jenkins Pipeline: Input Step Plugin | CVSS3: 8.8 | 0% Низкий | около 3 лет назад | |
GHSA-29q6-h2f3-x724 Missing Authorization vulnerability in AddonMaster Post Grid Master.This issue affects Post Grid Master: from n/a through 3.4.7. | CVSS3: 5.3 | 0% Низкий | больше 1 года назад | |
GHSA-29q6-2h5v-5h96 SQL injection vulnerability in comments.php in WSN Links 2.20 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 0% Низкий | больше 3 лет назад | ||
GHSA-29q4-jv6w-vrg6 IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. | 0% Низкий | около 3 лет назад | ||
GHSA-29q4-gxjq-rx5c Remote Code Execution in SCIMono | 81% Высокий | больше 4 лет назад | ||
GHSA-29q2-x88c-692h Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c. | 0% Низкий | около 3 лет назад | ||
GHSA-29q2-fp4w-f7hm The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files. | CVSS3: 4.9 | 0% Низкий | больше 1 года назад | |
GHSA-29q2-994c-m8hr An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Leptonica before 1.75.3. Unsanitized input (rootname) can overflow a buffer, leading potentially to arbitrary code execution or possibly unspecified other impact. | CVSS3: 9.8 | 0% Низкий | больше 3 лет назад | |
GHSA-29q2-69mh-57j9 An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is exploitable on VAX and Alpha and may cause a process crash on IA64. Software was affected regardless of whether it was directly shipped by VMS Software, Inc. (VSI), HPE, HP, Compaq, or Digital Equipment Corporation. | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад | |
GHSA-29px-hvx8-j7xf This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clients that are waiting for recursion to complete. If there are sufficient clients already waiting when a new client query is received so that it is necessary to SERVFAIL the longest waiting client (see BIND 9 ARM `recursive-clients` limit and soft quota), then it is possible for a race to occur between providing a stale answer to this older client and sending an early timeout SERVFAIL, which may cause an assertion failure. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1. | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад | |
GHSA-29px-fxx4-vhvc A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software does not restrict the maximum size of certain files that can be written to disk. An attacker who has valid administrator credentials for an affected system could exploit this vulnerability by sending a crafted, remote connection request to an affected system. A successful exploit could allow the attacker to write a file that consumes most of the available disk space on the system, causing application functions to operate abnormally and leading to a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 12.5(1)SR1. | CVSS3: 7.5 | 3% Низкий | больше 3 лет назад | |
GHSA-29px-fjqx-xh4f A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux root user, aka an Insecure Default Password Vulnerability. More Information: CSCvc76631. Known Affected Releases: 2.2(9.76). | CVSS3: 8.8 | 1% Низкий | больше 3 лет назад | |
GHSA-29pw-wh27-wxcp SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when RestfulServiceUtility.NET.dll doesn't properly validate user provided strings before constructing SQL queries. Formerly ZDI-CAN-4639 and ZDI-CAN-4638. | CVSS3: 8.8 | 8% Низкий | больше 3 лет назад |
Уязвимостей на страницу