Day: November 28, 2024

Description EnGenius EWS356-FIR 1.1.30 and earlier devices allow a remote attacker to execute arbitrary OS commands via the Controller connectivity

Description A non-admin user account on the Zabbix frontend with the default User role, or with any other role that

Description A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG

Description An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app

Description A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may allow remote code execution. References https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04731en_us For

Description A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container

Description Missing Authentication for Critical Function vulnerability in OpenText™ AccuRev for LDAP Integration allows Authentication Bypass. The vulnerability could allow

Description Fides is an open-source privacy engineering platform. The user invite acceptance API endpoint lacks server-side password policy enforcement, allowing