Headline
CVE-2021-38124: Portal
Remote Code Execution vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) product, affecting versions 7.0.2 through 7.5. The vulnerability could be exploited resulting in remote code execution.
Related news
There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain path.Affected product versions include:PC Smart Full Scene 11.1 versions PCManager 11.1.1.97.
Dolibarr ERP and CRM 14.0.2 suffers from a persistent cross site scripting vulnerability that enables privilege escalation.
Developers can apply proper security controls as they programmatically deploy Kubernetes clusters.
Developers can apply proper security controls as they programmatically deploy Kubernetes clusters.
Remote Desktop aims to solve vulnerability issues with RDP by implementing robust access and security controls.
Dolibarr ERP and CRM 14.0.2 suffers from a persistent cross site scripting vulnerability that enables privilege escalation.
Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.
OpenSIS Community Edition version 8.0 is affected by a cross-site scripting (XSS) vulnerability in the TakeAttendance.php via the cp_id_miss_attn parameter.
In Cloudron 6.2, the returnTo parameter on the login page is vulnerable to Reflected XSS.
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4