![]() The associated identifier of this vulnerability is VDB-205671. The exploit has been disclosed to the public and may be used. It is possible to initiate the attack remotely. This affects NeDi 1.0.7 for OS X 1.0.7 alert(1) leads to cross site scripting. The vulnerability is due to insecure design, where a difference in forgot password utility could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. In certain Nedi products, a vulnerability in the web UI of NeDi login & Community login could allow an unauthenticated, remote attacker to affect the integrity of a device via a User Enumeration vulnerability. In JetBrains TeamCity before 2022.04.4 environmental variables of "password" type could be logged when using custom Perforce executable This vulnerability could provide a Windows user (who has sufficient privileges) to access a network file system that they were not authorized to access. Veritas System Recovery (VSR) versions 18 and 21 store a network destination password in the Windows registry during configuration of the backup configuration. RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily change the password of any account.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |