Anomaly Detection Parameter Name in Fortinet FortiWeb 6.0.5, 6.2.0
Overview : An improper neutralization of input vulnerability in the Anomaly Detection interface of FortiWeb may allow a remote unauthenticated attacker to perform a cross…
Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5
Overview : A Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5 could allow a remote, unauthenticated attacker to perform arbitrary…
TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server
Overview : The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that…
Apache ShardingSphere(incubator) deserialization vulnerability
Overview : In Apache ShardingSphere(incubator) 4.0.0-RC3 and 4.0.0, the ShardingSphere's web console uses the SnakeYAML library for parsing YAML inputs to load datasource configuration. SnakeYAML…
Puppet Server and PuppetDB may leak sensitive information via metrics API
Overview : Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames.…
vulnerability in Zoho ManageEngine Desktop Central before the 07-Mar-2020
Overview : An XML external entity (XXE) vulnerability in Zoho ManageEngine Desktop Central before the 07-Mar-2020 update allows remote unauthenticated users to read arbitrary files…