Plesk Obsidian versions 8.0.1 through 18.0.73 are vulnerable to a Denial of Service (DoS) condition. The vulnerability exists in the get_password.php endpoint, where a crafted request containing a mal
In Plesk Obsidian 18.0.69, unauthenticated requests to /login_up.php can reveal an AWS accessKeyId, secretAccessKey, region, and endpoint.
In Plesk Obsidian 18.0.70, _isAdminPasswordValid uses an == comparison. Thus, if the correct password is "0e" followed by any digit string, then an attacker can login with any other string that evalua
Plesk contains an XPath injection vulnerability in the APS Application Catalog search functionality, where user-supplied input is interpolated into XPath queries without proper sanitization. This allo
A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service.
A reachable assertion in the decode_linked_ti_ie function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to cause a Denial of Service (DoS) via a cr
A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service.
Uncontrolled Resource Consumption vulnerability in PlexTrac allows WebSocket DoS.This issue affects PlexTrac: from 1.61.3 before 2.8.1.
A vulnerability was found in the Keycloak Server. The Keycloak Server is vulnerable to a denial of service (DoS) attack due to improper handling of proxy headers. When Keycloak is configured to accept
An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache's mod
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected application uses a password hashing implementation with a static, hardcoded salt shared across all use
A Denial of Service (DoS) vulnerability was discovered in the TON Lite Server before v2024.09. The vulnerability arises from the handling of external arguments passed to locally executed "get methods.
A reachable assertion in the decode_access_point_name_ie function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to cause a Denial of Service (DoS)
A vulnerability in the Secure Copy Protocol (SCP) server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service (DoS) condition
A security vulnerability was identified in Obsidian Scheduler's REST API 5.0.0 thru 6.3.0. If an account is locked out due to not enrolling in MFA (e.g. after the 7-day enforcement window), the REST A
A vulnerability in the web UI of Cisco IOS Software could allow an authenticated, remote attacker with low privileges to cause a denial of service (DoS) condition on an affected device.
This vulner
A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly,
Reachable assertions in the NGAP_FIND_PROTOCOLIE_BY_ID function of OpenAirInterface Magma v1.8.0 and OAI EPC Federation v1.2.0 allow attackers to cause a Denial of Service (DoS) via a crafted NGAP pac
A vulnerability exists in OAstium VoIP PBX astium-confweb-2.1-25399 and earlier, where improper input validation in the logon.php script allows an attacker to bypass authentication via SQL injection.
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the refuse function was identified. Reported by Karol Więsek.
Page 1+ Next →