CVE-2021-41637

Weak access control permissions in MELAG FTP Server 2.2.0.4 allow the "Everyone" group to read the local FTP configuration file, which includes among other information the unencrypted passwords of all ...

Continue Reading

24 июня, 2022

CVE-2021-41636

MELAG FTP Server 2.2.0.4 allows an attacker to use the CWD command to break out of the FTP servers root directory and operate on the entire operating system, while the access restrictions of the user ...

Continue Reading

24 июня, 2022

CVE-2021-41635

When installed as Windows service MELAG FTP Server 2.2.0.4 is run as SYSTEM user, which grants remote attackers to abuse misconfigurations or vulnerabilities with administrative access over the entire ...

Continue Reading

24 июня, 2022

CVE-2021-41634

A user enumeration vulnerability in MELAG FTP Server 2.2.0.4 allows an attacker to identify valid FTP usernames.Read More ...

Continue Reading

24 июня, 2022

CVE-2022-2121

OFFIS DCMTK's (All versions prior to 3.6.7) has a NULL pointer dereference vulnerability while processing DICOM files, which may result in a denial-of-service condition.Read More ...

Continue Reading

24 июня, 2022

CVE-2022-21829

Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concrete_secure’ ...

Continue Reading

24 июня, 2022

CVE-2022-23170

SysAid - Okta SSO integration - was found vulnerable to XML External Entity Injection vulnerability. Any SysAid environment that uses the Okta SSO integration might be vulnerable. An unauthenticated a ...

Continue Reading

24 июня, 2022

CVE-2022-28619

A potential security vulnerability has been identified in the installer of HPE Version Control Repository Manager. The vulnerability could allow local escalation of privilege. HPE has made the followi ...

Continue Reading

24 июня, 2022

1 74 208 74 209 74 210 74 211 74 212 76 070

Back to Main
Subscribe for the latest news: