In specific circumstances, trace file buffers in GitLab Runner versions up to 14.3.4, 14.4 to 14.4.2, and 14.5 to 14.5.2 would re-use the file descriptor 0 for multiple traces and mix the output of se ...
Continue ReadingJune 06, 2022
An authenticated attacker can send a specially crafted route to the edit_route.cgi binary and have it execute shell commands. This vulnerability impacts products based on HID Mercury Intelligent C ...
Continue ReadingJune 06, 2022
An unauthenticated attacker can send a specially crafted network packet to delete a user from the web interface. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501 ...
Continue ReadingJune 06, 2022
An authenticated attacker can upload a file with a filename including .. and / to achieve the ability to upload the desired file anywhere on the filesystem. This vulnerability impacts products ...
Continue ReadingJune 06, 2022
An unauthenticated attacker can send a specially crafted packets to update the notes section of the home page of the web interface. This vulnerability impacts products based on HID Mercury Intelli ...
Continue ReadingJune 06, 2022
An unauthenticated attacker could arbitrarily upload firmware files to the target device, ultimately causing a Denial-of-Service (DoS). This vulnerability impacts products based on HID Mercury Intelli ...
Continue ReadingJune 06, 2022
An unauthenticated attacker can update the hostname with a specially crafted name that will allow for shell commands to be executed during the core collection process. This vulnerability impacts produ ...
Continue ReadingJune 06, 2022
Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...
Continue ReadingJune 06, 2022
Back to Main