An arbitrary file overwrite vulnerability in NoMachine Free Edition and Enterprise Client for macOS before v8.8.1 allows attackers to overwrite root-owned files by using hardlinks.Read More ...
Continue Reading04 августа, 2023
Connected IO v2.1.0 and prior keeps passwords and credentials in clear-text format, allowing attackers to exfiltrate the credentials and use them to impersonate the devices.Read More ...
Continue Reading04 августа, 2023
Connected IO v2.1.0 and prior has a command as part of its communication protocol allowing the management platform to specify arbitrary OS commands for devices to execute. Attackers abusing this dange ...
Continue Reading04 августа, 2023
MindsDB's AI Virtual Database allows developers to connect any AI/ML model to any datasource. Prior to version 23.7.4.0, a call to requests with `verify=False` disables SSL certificate checks. This ru ...
Continue Reading04 августа, 2023
Improper Input Validation in GitHub repository omeka/omeka-s prior to 4.0.3.Read More ...
Continue Reading04 августа, 2023
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.3.Read More ...
Continue Reading04 августа, 2023
Connected IO v2.1.0 and prior has an argument injection vulnerability in its iptables command message in its communication protocol, enabling attackers to execute arbitrary OS commands on devices.Read ...
Continue Reading04 августа, 2023
Unrestricted Upload of File with Dangerous Type in GitHub repository omeka/omeka-s prior to 4.0.3.Read More ...
Continue Reading04 августа, 2023
Back to Main