A command injection vulnerability exists in the dashboard scheduler feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it directly to a…

A command injection vulnerability exists in the download and convert report feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it directly…

A SQL injection vulnerability exists in the “admin brand portalâ€� feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it directly to…

A SQL injection vulnerability exists in the “json walkerâ€� feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it directly to a…

A command injection vulnerability exists in the ARP ping device tool feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it…

A command injection vulnerability exists in the “dash exportâ€� feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to…

An authenticated administrator can upload a SAML configuration file with the wrong format, with the application not checking the correct file format. Every subsequent application…

A partial DoS vulnerability has been detected in the Reports section, exploitable by a malicious authenticated user forcing a report to be saved with its…

A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the sorting parameter, allows an authenticated attacker to…

An authenticated attacker with administrative access to the appliance can inject malicious JavaScript code inside the definition of a Threat Intelligence rule, that will later…