integratus systems - Factory BitsFactory Bits 500 Companies and Solutions Driving Industrial Digital Transformation

integratus systems

Exchange Platform Services

Join Now-Sign Up
Log In

Factory Bits 500 Companies and Solutions Driving Industrial Digital Transformation

Blog
Editor Paper Extracts
Editor Picks Articles
Editor Picks Maps
Editor Picks Reports
IS Competitive Intelligence Briefings
IS Intelligence Work Group
IS Partners
IS Projects Work Group
IS Reports
IS Security Work Group
IS Working Group Briefings
Uncategorized

IS Security Alerts Advisories

Fatek FvDesigner bis 1.5.76 Project File Uninitialized Pointer
Es wurde eine kritische Schwachstelle in Fatek FvDesigner bis 1.5.76 entdeckt. Es betrifft eine unbekannte Funktion der Komponente Project File Handler. Es sind keine Informationen bezüglich Gegenmassnahmen bekannt. Der Einsatz ... read more
Fatek FvDesigner bis 1.5.76 Project File Pufferüberlauf
Eine Schwachstelle wurde in Fatek FvDesigner bis 1.5.76 ausgemacht. Sie wurde als kritisch eingestuft. Hierbei geht es um ein unbekannter Ablauf der Komponente Project File Handler. Es sind keine Informationen ... read more
Fatek FvDesigner bis 1.5.76 Project File Pufferüberlauf
In Fatek FvDesigner bis 1.5.76 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Dabei geht es um ein unbekannter Prozess der Komponente Project File Handler. Es sind keine Informationen ... read more
Fatek FvDesigner bis 1.5.76 Project File Information Disclosure
Es wurde eine Schwachstelle in Fatek FvDesigner bis 1.5.76 ausgemacht. Sie wurde als kritisch eingestuft. Es geht dabei um eine unbekannte Verarbeitung der Komponente Project File Handler. Es sind keine ... read more
GitLab Community Edition/Enterprise Edition 13.0 Branch Log Information Disclosure
Eine Schwachstelle wurde in GitLab Community Edition sowie Enterprise Edition 13.0 (Bug Tracking Software) gefunden. Sie wurde als problematisch eingestuft. Es geht hierbei um ein unbekannter Codeblock der Komponente Branch ... read more
Bitnami Docker Container /tmp/app/.env APP_KEY schwache Verschlüsselung
Es wurde eine Schwachstelle in Bitnami Docker Container (Virtualization Software) gefunden. Sie wurde als problematisch eingestuft. Betroffen hiervon ist unbekannter Programmcode der Datei /tmp/app/.env. Ein Upgrade auf die Version 6.20.0-debian-10-r107, ... read more
VMware View Planner bis 4.6 logupload Web Application erweiterte Rechte
Eine Schwachstelle wurde in VMware View Planner bis 4.6 entdeckt. Sie wurde als kritisch eingestuft. Betroffen davon ist ein unbekannter Codeteil der Komponente logupload Web Application. Die Schwachstelle lässt sich ... read more
GitLab Community Edition/Enterprise Edition 13.7 Merge Request Cross Site Scripting
In GitLab Community Edition sowie Enterprise Edition 13.7 (Bug Tracking Software) wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Es geht um unbekannter Code der Komponente Merge Request Handler. ... read more
Qualcomm Snapdragon Auto Hypervisor out-of-bounds read [CVE-2020-3664]
A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking (Chip ... read more
Automated Logic WebCTRL up to 6.5 GET Request failuremessage.jsp cross site scripting
A vulnerability was found in Automated Logic WebCTRL up to 6.5 (Automation Software). It has been classified as problematic. This affects an unknown code block of the file /_common/lvl5/failuremessage.jsp of ... read more
Inspur ClusterEngine 4.0 Control Server command injection
A vulnerability was found in Inspur ClusterEngine 4.0. It has been declared as critical. This vulnerability affects some unknown processing of the component Control Server. There is no information about ... read more
Exchange Server Attacks Spread After Disclosure of Flaws
Forecast Calls for Backdoored Email and Possibly Ransomware, CryptominersOne day after Microsoft disclosed four serious flaws in Microsoft Exchange email servers, attackers are going on a wide hunt for vulnerable ... read more
Fatek FvDesigner fino 1.5.76 Project File buffer overflow
Un punto di debole di livello critico è stato rilevato in Fatek FvDesigner fino 1.5.76. É interessato una funzione sconosciuta del componente Project File Handler. Informazioni riguardo una possibile contromisura ... read more
Fatek FvDesigner fino 1.5.76 Project File Uninitialized Pointer
Una vulnerabilità di livello critico è stata rilevata in Fatek FvDesigner fino 1.5.76. Riguarda una funzione sconosciuta del componente Project File Handler. Informazioni riguardo una possibile contromisura non sono al ... read more
Fatek FvDesigner fino 1.5.76 Project File buffer overflow
Un punto di criticita di livello critico è stato rilevato in Fatek FvDesigner fino 1.5.76. Da questa vulnerabilità è interessato una funzione sconosciuta del componente Project File Handler. Informazioni riguardo ... read more
Fatek FvDesigner fino 1.5.76 Project File rivelazione di un 'informazione
In Fatek FvDesigner fino 1.5.76 è stato trovato un punto critico di livello critico. Interessato da questa vulnerabilità è una funzione sconosciuta del componente Project File Handler. Informazioni riguardo una ... read more
GitLab Community Edition/Enterprise Edition 13.0 Branch Log rivelazione di un 'informazione
In GitLab Community Edition e Enterprise Edition 13.0 (Bug Tracking Software) è stata rilevato un punto critico di livello problematico. Riguarda una funzione sconosciuta del componente Branch Log Handler. Informazioni ... read more
Bitnami Docker Container /tmp/app/.env APP_KEY crittografia debole
Una vulnerabilità di livello problematico è stata rilevata in Bitnami Docker Container (Virtualization Software). Da questa vulnerabilità è interessato una funzione sconosciuta del file /tmp/app/.env. L'aggiornamento alla versione 6.20.0-debian-10-r107, 7.30.1-debian-10-r108 ... read more
GitLab Community Edition/Enterprise Edition 13.7 Merge Request cross site scripting
Un punto critico di livello problematico è stato rilevato in GitLab Community Edition e Enterprise Edition 13.7 (Bug Tracking Software). É interessato una funzione sconosciuta del componente Merge Request Handler. ... read more
VMware View Planner fino 4.6 logupload Web Application escalazione di privilegi
In VMware View Planner fino 4.6 stata rilevata una vulnerabilità di livello critico. Interessato da questa vulnerabilità è una funzione sconosciuta del componente logupload Web Application. Applicando la patch 4.6 ... read more
VMware View Planner up to 4.6 logupload Web Application improper authorization
A vulnerability, which was classified as critical, has been found in VMware View Planner up to 4.6. This issue affects an unknown functionality of the component logupload Web Application. Applying ... read more
GitLab Community Edition/Enterprise Edition 13.0 Branch Log information disclosure
A vulnerability was found in GitLab Community Edition and Enterprise Edition 13.0 (Bug Tracking Software) and classified as problematic. Affected by this issue is an unknown code of the component ... read more
GitLab Community Edition/Enterprise Edition 13.7 Merge Request cross site scripting
A vulnerability has been found in GitLab Community Edition and Enterprise Edition 13.7 (Bug Tracking Software) and classified as problematic. Affected by this vulnerability is an unknown part of the ... read more
Bitnami Docker Container /tmp/app/.env APP_KEY random values
A vulnerability, which was classified as problematic, was found in Bitnami Docker Container (Virtualization Software). Affected is some unknown functionality of the file /tmp/app/.env. Upgrading to version 6.20.0-debian-10-r107, 7.30.1-debian-10-r108 or ... read more
[webapps] Online Ordering System 1.0 – Arbitrary File Upload to Remote Code Execution
Online Ordering System 1.0 - Arbitrary File Upload to Remote Code Execution ... read more
From VBS, PowerShell, C Sharp, Process Hollowing to RAT, (Thu, Mar 4th)
VBS files are interesting to deliver malicious content to a victim's computer because they look like simple text files. I found an interesting sample that behaves like a dropper. But it ... read more
Qualcomm Snapdragon Auto RTT Frame information disclosure [CVE-2020-11287]
A vulnerability, which was classified as problematic, has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, ... read more
Qualcomm Snapdragon Auto NOA IE integer overflow [CVE-2020-11296]
A vulnerability, which was classified as problematic, was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon ... read more
Qualcomm Snapdragon Auto WLAN module denial of service [CVE-2020-11297]
A vulnerability has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Voice & Music ... read more
[webapps] e107 CMS 2.3.0 – CSRF
e107 CMS 2.3.0 - CSRF ... read more
84.00452
Modified (2)Adware/MobiDash!AndroidRiskware/Application!Android ]]> ... read more
Qualcomm Snapdragon Auto RTT Frame information disclosure [CVE-2020-11281]
A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &amp, amp, Music, Snapdragon ... read more
Qualcomm Snapdragon Auto MKV Clip buffer overflow [CVE-2020-11283]
A vulnerability classified as critical has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon ... read more
Qualcomm Snapdragon Auto USB Control Transfer null pointer dereference
A vulnerability classified as problematic was found in Qualcomm Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables (Chip Software). This vulnerability ... read more
Qualcomm Snapdragon Auto kgsl Driver access control [CVE-2020-11282]
A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables (Chip Software). It ... read more
DataDog API Client Java fino 1.0.0-beta.8 Temporary Files prepareDownloadFilecreates escalazione di privilegi
È stata rilevata una vulnerabilità di livello problematico in DataDog API Client Java fino 1.0.0-beta.8 (Network Management Software). Riguarda la funzione prepareDownloadFilecreates del componente Temporary Files Handler. L'aggiornamento alla versione ... read more
GLPI up to 9.5.3 /ajax/common.tabs.php _target/id cross site scripting
A vulnerability was found in GLPI up to 9.5.3 (Asset Management Software). It has been rated as problematic. Affected by this issue is an unknown code block of the file ... read more
DataDog API Client Java up to 1.0.0-beta.8 Temporary Files prepareDownloadFilecreates temp file
A vulnerability classified as problematic was found in DataDog API Client Java up to 1.0.0-beta.8 (Network Management Software). This vulnerability affects the function prepareDownloadFilecreates of the component Temporary Files Handler. ... read more
GLPI up to 9.5.3 Ticket Update cross site scripting
A vulnerability classified as problematic has been found in GLPI up to 9.5.3 (Asset Management Software). This affects some unknown processing of the component Ticket Update Handler. Upgrading to version ... read more
Qualcomm Snapdragon Compute RPC Message race condition [CVE-2020-11277]
A vulnerability has been found in Qualcomm Snapdragon Compute, Snapdragon Industrial IOT and Snapdragon Mobile (Chip Software) (the affected version is unknown) and classified as problematic. This vulnerability affects an ... read more
Qualcomm Snapdragon Auto Host WMI Command denial of service [CVE-2020-11278]
A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired ... read more
Qualcomm Snapdragon Auto FTMR denial of service [CVE-2020-11280]
A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired ... read more
DataDog API Client Java bis 1.0.0-beta.8 Temporary Files prepareDownloadFilecreates erweiterte Rechte
In DataDog API Client Java bis 1.0.0-beta.8 (Network Management Software) wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Betroffen ist die Funktion prepareDownloadFilecreates der Komponente Temporary Files Handler. Ein ... read more
GLPI bis 9.5.3 Ticket Update Cross Site Scripting
Es wurde eine Schwachstelle in GLPI bis 9.5.3 (Asset Management Software) entdeckt. Sie wurde als problematisch eingestuft. Hiervon betroffen ist eine unbekannte Funktionalität der Komponente Ticket Update Handler. Ein Aktualisieren ... read more
GLPI bis 9.5.3 /ajax/common.tabs.php _target/id Cross Site Scripting
Eine problematische Schwachstelle wurde in GLPI bis 9.5.3 (Asset Management Software) ausgemacht. Davon betroffen ist eine unbekannte Funktion der Datei /ajax/common.tabs.php. Ein Upgrade auf die Version 9.5.4 vermag dieses Problem ... read more
IBM Security Verify Bridge external autenticazione debole [CVE-2021-20442]
In IBM Security Verify Bridge è stato trovato un punto critico di livello problematico. Riguarda una funzione sconosciuta del componente external. Informazioni riguardo una possibile contromisura non sono al momento ... read more
GLPI fino 9.5.3 Ticket Update cross site scripting
Una vulnerabilità di livello problematico è stata rilevata in GLPI fino 9.5.3 (Asset Management Software). É interessato una funzione sconosciuta del componente Ticket Update Handler. L'aggiornamento alla versione 9.5.4 elimina ... read more
GLPI fino 9.5.3 /ajax/common.tabs.php _target/id cross site scripting
Un punto di debole di livello problematico è stato rilevato in GLPI fino 9.5.3 (Asset Management Software). Da questa vulnerabilità è interessato una funzione sconosciuta del file /ajax/common.tabs.php. L'aggiornamento alla ... read more
GLPI fino 9.5.3 Document Upload /front/document.form.php cross site scripting
Un punto di criticita di livello problematico è stato rilevato in GLPI fino 9.5.3 (Asset Management Software). Interessato da questa vulnerabilità è una funzione sconosciuta del file /front/document.form.php del componente ... read more
IBM Security Verify Bridge crittografia debole [CVE-2021-20441]
In IBM Security Verify Bridge è stata rilevato un punto critico di livello problematico. É interessato una funzione sconosciuta. Informazioni riguardo una possibile contromisura non sono al momento disponibili. Si ... read more

integratus systems © 2021

KAVI IS iCOMMEX Platform v 02.25 Thursday, March 4, 2021

Exchange Members |
Exchange Services |
Exchange Products |
Exchange Pricing |
Blog |
Disclaimer |
Terms |
Privacy |
Forgot Password ? |
About-Connect

Login

Login to integratus systems Exchange Platform Services

Forgot password?

Register Now

Hello

Your Account Type is
Your Mail Id is
Your Username is

Security Briefing Search

PDF Library Search

Factory Bits Search

Reset Password

Reset Password

You have no permission to access this content