[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 253351 Download | Alert*

The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded secrets and the MAC address. This allows a local user to calculate the root password and escalate privileges.

The affected TBox RTUs allow low privilege users to access software security tokens of higher privilege. This could allow an attacker with ���user��� privileges to access files requiring higher privileges by establishing an SSH session and providing the other tokens.

Directory traversal can occur in the Basecamp com.basecamp.bc3 application before 4.2.1 for Android, which may allow an attacker to write arbitrary files in the application's private directory. Additionally, by using a malicious intent, the attacker may redirect the server's responses (containing sensitive information) to third-party applications by using a custom-crafted deeplink scheme.

The affected TBox RTUs are missing authorization for running some API commands. An attacker running these commands could reveal sensitive information such as software versions and web server file contents.

The affected TBox RTUs store hashed passwords using MD5 encryption, which is an insecure encryption algorithm.

The affected TBox RTUs run OpenVPN with root privileges and can run user defined configuration scripts. An attacker could set up a local OpenVPN server and push a malicious script onto the TBox host to acquire root privileges.

Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which allows an authenticated and authorized user to configure a location that enables custom code execution. The resolution introduces a new Required Permission for referencing remote resources, restricting configuration of these components to privileged users. The ...

Apache Airflow, versions before 2.6.3, has a vulnerability where an authenticated user can use crafted input to make the current request hang.��It is recommended to upgrade to a version that is not affected

Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access.

Improper access control in Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access.


Pages:      Start    24572    24573    24574    24575    24576    24577    24578    24579    24580    24581    24582    24583    24584    24585    ..   25335

© SecPod Technologies