HCL DRYiCE MyCloud is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information.Read More ...
Continue ReadingAugust 09, 2023
A directory traversal vulnerability in the Captive Portal templates of OPNsense before 23.7 allows attackers to execute arbitrary system commands as root via a crafted ZIP archive.Read More ...
Continue ReadingAugust 09, 2023
A SQL injection vulnerability exists in the vendor_state parameter of the âvendor print reportâ feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it dir ...
Continue ReadingAugust 09, 2023
A SQL injection vulnerability exists in the âtopology data serviceâ feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it directly to a SQL query. This a ...
Continue ReadingAugust 09, 2023
A SQL injection vulnerability exists in the âticket template watchersâ feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it directly to a SQL query. Thi ...
Continue ReadingAugust 09, 2023
/ui/cron/item/open in the Cron component of OPNsense before 23.7 allows XSS.Read More ...
Continue ReadingAugust 09, 2023
A SQL injection vulnerability exists in the âmessage viewer printâ feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it directly to a SQL query. This al ...
Continue ReadingAugust 09, 2023
The Crash Reporter (crash_reporter.php) component of OPNsense before 23.7 mishandles input sanitization.Read More ...
Continue ReadingAugust 09, 2023
Back to Main