The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read vulnerability. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can read any log file resulting in sensitive information disclosure. Devamını Oku
The vRealize Operations Manager API (8.x prior to 8.5) contains a broken access control vulnerability leading to unauthenticated API access. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can add new nodes to existing vROps cluster. Devamını Oku
The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure. Devamını Oku
The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure. Devamını Oku
A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leading to getshell. Devamını Oku
A cross-site request forgery (CSRF) vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily delete admin accounts. Devamını Oku
A cross-site request forgery (CSRF) vulnerability in Indexhibit 2.1.5 allows attackers to arbitrarily reset account passwords. Devamını Oku
A reflected cross-site scripting (XSS) vulnerability in the /plugin/ajax.php component of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML. Devamını Oku
Multiple stored cross-site scripting (XSS) vulnerabilities in the Sections module of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML. Devamını Oku
An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily view files. Devamını Oku
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() store_sm_boundary_item() Edge_of.A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability. Devamını Oku
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() sfh->boundary_entry_objects Sloop_of. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability. Devamını…