integratus systems - Factory BitsFactory Bits 500 Companies and Solutions Driving Industrial Digital Transformation

integratus systems

Exchange Platform Services

Join Now-Sign Up
Log In

Factory Bits 500 Companies and Solutions Driving Industrial Digital Transformation

Blog
Editor Paper Extracts
Editor Picks Articles
Editor Picks Maps
Editor Picks Reports
IS Competitive Intelligence Briefings
IS Intelligence Work Group
IS Partners
IS Projects Work Group
IS Reports
IS Security Work Group
IS Working Group Briefings
Uncategorized

IS Security Alerts Advisories

CVE-2021-45802 (iresturant)
MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because the email and phone parameter values are added to the SQL query without any verification at the time ... read more
CVE-2022-21715 (codeigniter)
CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. A cross-site scripting (XSS) vulnerability was found in `APIResponseTrait` in Codeigniter4 prior to version 4.1.8. Attackers can do ... read more
CVE-2022-21710 (shortdescription)
ShortDescription is a MediaWiki extension that provides local short description support. A cross-site scripting (XSS) vulnerability exists in versions prior to 2.3.4. On a wiki that has the ShortDescription enabled, ... read more
CVE-2021-45226 (construction_cloud)
An issue was discovered in COINS Construction Cloud 11.12. Due to improper validation of user-controlled HTTP headers, attackers can cause it to send password-reset e-mails pointing to arbitrary websites. ... read more
CVE-2021-43588 (emc_data_protection_central)
Dell EMC Data Protection Central version 19.5 contains an Improper Input Validation Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. ... read more
CVE-2021-43589 (emc_unity_operating_environment, emc_unity_xt_operating_environment, emc_unityvsa_operating_environment)
Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system (OS) command injection Vulnerability. A locally authenticated user with high privileges ... read more
CVE-2021-36349 (emc_data_protection_central)
Dell EMC Data Protection Central versions 19.5 and prior contain a Server Side Request Forgery vulnerability in the DPC DNS client processing. A remote malicious user could potentially exploit this ... read more
CVE-2021-46113 (kea-hotel-erp)
In MartDevelopers KEA-Hotel-ERP open source as of 12-31-2021, a remote code execution vulnerability can be exploited by uploading PHP files using the file upload vulnerability in this service. ... read more
CVE-2022-22554 (emc_system_update)
Dell EMC System Update, version 1.9.2 and prior, contain an Unprotected Storage of Credentials vulnerability. A local attacker with user privleges could potentially exploit this vulnerability leading to the disclosure ... read more
CVE-2020-17383 (z/ip_one_firmware)
A directory traversal vulnerability on Telos Z/IP One devices through 4.0.0r grants an unauthenticated individual root level access to the device's file system. This can be used to identify configuration ... read more
CVE-2021-45803 (iresturant)
MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because this view parameter value is added to the SQL query without additional verification when viewing reservation. ... read more
CVE-2021-34073
A Cross Site Scripting (XSS) vulnerabilty exists in Sourcecodester Gadget Works Online Ordering System in PHP/MySQLi 1.0 via the Category parameter in an add function in category/index.php. ... read more
CVE-2021-40395
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: ... read more
CVE-2021-45898
SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows local file inclusion. ... read more
CVE-2021-45897
SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows remote code execution. ... read more
CVE-2022-22294
A SQL injection vulnerability exists in ZFAKA<=1.43 which an attacker can use to complete SQL injection in the foreground and add a background administrator account. ... read more
CVE-2021-45899
SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows PHAR deserialization that can lead to remote code execution. ... read more
Zoho ManageEngine Desktop Central vor 10.1.2137.10 Privilege Escalation
In Zoho ManageEngine Desktop Central (Endpoint Management Software) wurde eine problematische Schwachstelle gefunden. Ein Upgrade auf die Version 10.1.2137.10 vermag dieses Problem zu beheben. ... read more
Connman up to 1.40 DNS Proxy forward_dns_reply out-of-bounds read
A vulnerability, which was classified as problematic, has been found in Connman up to 1.40. Affected by this issue is the function forward_dns_reply of the component DNS Proxy. Applying a ... read more
Connman up to 1.40 TCP Server Reply out-of-bounds read
A vulnerability classified as problematic was found in Connman up to 1.40. Affected by this vulnerability is an unknown part of the component TCP Server Reply Handler. Applying a patch ... read more
Online Motorcycle Rental System 1.0 Login Portal sql injection
A vulnerability classified as critical has been found in Online Motorcycle Rental System 1.0. Affected is some unknown functionality of the component Login Portal. There is no information about possible ... read more
SourceCodester Simple Cold Storage Management System 1.0 login.php username sql injection
A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been declared as critical. This vulnerability affects an unknown function of the file login.php. There is ... read more
Sourcecodester Mobile Shop System in PHP MySQL 1.0 login.php email sql injection
A vulnerability was found in Sourcecodester Mobile Shop System in PHP MySQL 1.0 (Database Software). It has been classified as critical. This affects some unknown processing of the file login.php. ... read more
VeridiumID VeridiumAD 2.5.3.0 Push Notification access control
A vulnerability was found in VeridiumID VeridiumAD 2.5.3.0. It has been rated as critical. This issue affects an unknown functionality of the component Push Notification Handler. There is no information ... read more
Zoho ManageEngine Desktop Central prior 10.1.2137.10 Privilege Escalation
A vulnerability has been found in Zoho ManageEngine Desktop Central (Endpoint Management Software) and classified as problematic. Upgrading to version 10.1.2137.10 eliminates this vulnerability. ... read more
Connman up to 1.40 DNS Proxy infinite loop
A vulnerability, which was classified as problematic, was found in Connman up to 1.40. This affects an unknown code block of the component DNS Proxy. Applying a patch is able ... read more
CISA Adds Eight Known Exploited Vulnerabilities to Catalog
Original release date: January 28, 2022CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in ... read more
4 data privacy predictions for 2022 and beyond
... read more
In eigener Sache: CERT.at sucht Verstärkung (Junior IT-Security Analyst:in, IT-Security Analyst:in, Python Entwickler:in)
Wir suchen derzeit: Berufsein- oder -umsteiger:in mit ausgeprägtem Interesse an IT-Security zur Unterstützung bei den täglich anfallenden Routineaufgaben IT/OT-Security Generalist:in oder Spezialist:in im Bereich Windows Security, mit Praxiserfahrung Python Entwickler:in ... read more
89.09111
Modified (4)Adware/MobiDash!AndroidAdware/Secapk!AndroidAndroid/Agent.BYH!tr.spyAndroid/HiddenApp.GU!tr ... read more
Sourcecodester Mobile Shop System in PHP MySQL 1.0 login.php email sql injection
In Sourcecodester Mobile Shop System in PHP MySQL 1.0 (Database Software) è stato trovato un punto critico di livello critico. Interessato da questa vulnerabilità è una funzione sconosciuta del file ... read more
VeridiumID VeridiumAD 2.5.3.0 Push Notification escalazione di privilegi
Un punto di debole di livello critico è stato rilevato in VeridiumID VeridiumAD 2.5.3.0. É interessato una funzione sconosciuta del componente Push Notification Handler. Informazioni riguardo una possibile contromisura non ... read more
Zoho ManageEngine Desktop Central prima 10.1.2137.10 Privilege Escalation
Un punto critico di livello problematico è stato rilevato in Zoho ManageEngine Desktop Central (Endpoint Management Software). L'aggiornamento alla versione 10.1.2137.10 elimina questa vulnerabilità. ... read more
Connman fino 1.40 DNS Proxy denial of service
Una vulnerabilità di livello problematico è stata rilevata in Connman fino 1.40. É interessato una funzione sconosciuta del componente DNS Proxy. Applicando a patch è possibile eliminare il problema. Il ... read more
Connman fino 1.40 DNS Proxy forward_dns_reply rivelazione di un 'informazione
In Connman fino 1.40 stata rilevata una vulnerabilità di livello problematico. Da questa vulnerabilità è interessato la funzione forward_dns_reply del componente DNS Proxy. Applicando a patch è possibile eliminare il ... read more
Connman fino 1.40 TCP Server Reply rivelazione di un 'informazione
È stata rilevata una vulnerabilità di livello problematico in Connman fino 1.40. Interessato da questa vulnerabilità è una funzione sconosciuta del componente TCP Server Reply Handler. Applicando a patch è ... read more
Online Motorcycle Rental System 1.0 Login Portal sql injection
Una vulnerabilità di livello critico è stata rilevata in Online Motorcycle Rental System 1.0. Riguarda una funzione sconosciuta del componente Login Portal. Informazioni riguardo una possibile contromisura non sono al ... read more
SourceCodester Simple Cold Storage Management System 1.0 login.php username sql injection
Un punto di criticita di livello critico è stato rilevato in SourceCodester Simple Cold Storage Management System 1.0. Da questa vulnerabilità è interessato una funzione sconosciuta del file login.php. Informazioni ... read more
vim up to 8.1 memory corruption [CVE-2022-0351]
A vulnerability classified as critical has been found in vim up to 8.1 (Word Processing Software). This affects an unknown code block. Upgrading to version 8.2 eliminates this vulnerability. Applying ... read more
Keycloak up to 15.1.0 REST API authorization
A vulnerability classified as problematic was found in Keycloak up to 15.1.0. This vulnerability affects some unknown processing of the component REST API. Upgrading to version 15.1.1 eliminates this vulnerability. ... read more
QEMU up to 6.1.x Block Mirror Layer mirror_wait_on_conflicts null pointer dereference
A vulnerability, which was classified as problematic, has been found in QEMU up to 6.1.x (Virtualization Software). This issue affects the function mirror_wait_on_conflicts of the component Block Mirror Layer. Upgrading ... read more
SourceCodester Simple Cold Storage Management System 1.0 login.php username SQL Injection
In SourceCodester Simple Cold Storage Management System 1.0 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Betroffen ist ein unbekannter Teil der Datei login.php. Es sind keine Informationen bezüglich ... read more
Sourcecodester Mobile Shop System in PHP MySQL 1.0 login.php email SQL Injection
Es wurde eine Schwachstelle in Sourcecodester Mobile Shop System in PHP MySQL 1.0 (Database Software) ausgemacht. Sie wurde als kritisch eingestuft. Hiervon betroffen ist eine unbekannte Funktionalität der Datei login.php. ... read more
Connman bis 1.40 DNS Proxy Denial of Service
Es wurde eine problematische Schwachstelle in Connman bis 1.40 gefunden. Es geht dabei um eine unbekannte Verarbeitung der Komponente DNS Proxy. Die Schwachstelle lässt sich durch das Einspielen eines Patches ... read more
Connman bis 1.40 DNS Proxy forward_dns_reply Information Disclosure
Eine problematische Schwachstelle wurde in Connman bis 1.40 entdeckt. Es geht hierbei um die Funktion forward_dns_reply der Komponente DNS Proxy. Die Schwachstelle lässt sich durch das Einspielen eines Patches beheben. ... read more
Connman bis 1.40 TCP Server Reply Information Disclosure
In Connman bis 1.40 wurde eine problematische Schwachstelle entdeckt. Es geht um unbekannter Code der Komponente TCP Server Reply Handler. Die Schwachstelle lässt sich durch das Einspielen eines Patches lösen. ... read more
Online Motorcycle Rental System 1.0 Login Portal SQL Injection
Es wurde eine kritische Schwachstelle in Online Motorcycle Rental System 1.0 entdeckt. Betroffen hiervon ist unbekannter Programmcode der Komponente Login Portal. Es sind keine Informationen bezüglich Gegenmassnahmen bekannt. Der Einsatz ... read more
VeridiumID VeridiumAD 2.5.3.0 Push Notification erweiterte Rechte
Eine Schwachstelle wurde in VeridiumID VeridiumAD 2.5.3.0 ausgemacht. Sie wurde als kritisch eingestuft. Betroffen davon ist ein unbekannter Codeteil der Komponente Push Notification Handler. Es sind keine Informationen bezüglich Gegenmassnahmen ... read more
Gartner® names Microsoft a Leader in the 2022 Magic Quadrant™ for Enterprise Information Archiving
With data doubling every two years, it is more critical than ever to have simple and integrated tools to understand and manage risks to an organization. As more people work ... read more
Dell EMC VNX2 OE for File up to 8.1.21.266 Cookie entropy
A vulnerability was found in Dell EMC VNX2 OE for File up to 8.1.21.266. It has been classified as critical. Affected is some unknown functionality of the component Cookie Handler. ... read more

integratus systems © 2022

KAVI IS iCOMMEX Platform v 02.25 Friday, January 28, 2022

Exchange Members |
Exchange Services |
Exchange Products |
Exchange Pricing |
Blog |
Disclaimer |
Terms |
Privacy |
Forgot Password ? |
About-Connect

Login

Login to integratus systems Exchange Platform Services

Forgot password?

Register Now

Hello

Your Account Type is
Your Mail Id is
Your Username is

Security Briefing Search

PDF Library Search

Factory Bits Search

Reset Password

Reset Password

You have no permission to access this content