Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2019-25061

The random_password_generator (aka RandomPasswordGenerator) gem through 1.0.0 for Ruby uses Kernel#rand to generate passwords, which, due to its cyclic nature, can facilitate password prediction. Zafiyet…

Devamını oku

CVE-2021-41946

In FiberHome VDSL2 Modem HG150-Ub_V3.0, a stored cross-site scripting (XSS) vulnerability in Parental Control –> Access Time Restriction –> Username field, a user cannot delete…

Devamını oku

CVE-2022-1359

The affected On-Premise cnMaestro is vulnerable to an arbitrary file-write through improper limitation of a pathname to a restricted directory inside a specific route. If…

Devamını oku

CVE-2022-1360

The affected On-Premise cnMaestro is vulnerable to execution of code on the cnMaestro hosting server. This could allow a remote attacker to change server configuration…

Devamını oku

CVE-2022-1361

The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command. This could allow…

Devamını oku

CVE-2022-1357

The affected On-Premise cnMaestro allows an unauthenticated attacker to access the cnMaestro server and execute arbitrary code in the privileges of the web server. This…

Devamını oku