The host is installed with MOVEit Transfer 11.1 before 11.1.3, 11.0 before 11.0.4 or 10.2.0 and less than 10.2.6 and is prone to a Multiple sql injection vulnerabilities vulnerability. A flaw is present in the applications which fails to properly handle issues in database. Successful exploitation allow remote attackers to to gain unauthorized access to MOVEit Transfer's database. Depending on the ...
The host is installed with MOVEit Transfer 11.0 before 11.0.2, 11.1 before 11.1.1 or 10.2.0 before 10.2.4 and is prone to a SQL injection vulnerability. A flaw is present in the applications which fails to properly handle issues in database. Successful exploitation allow remote attackers to gain unauthorized access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, ...
The host is installed with WSO2 API Manager 3.0.0 or 3.1.0 or 3.2.0 or 4.0.0 and is prone to a cross-site scripting vulnerability. A flaw is present in the applications which fails to properly handle the unspecified vectors. Successful exploitation allows attackers to make DOM-based XSS attack.
The host is installed with WSO2 API Manager 3.1.0 and is prone to a cross-site scripting vulnerability. A flaw is present in the applications which fails to properly handle unspecified vectors. Successful exploitation allows attackers to hijack a logged-in users password and invalidate the session of the victim while the hacker maintains access.
The host is installed with WSO2 API Manager version 2.6.0 and is prone to an unspecified vulnerability. A flaw is present in the applications which fails to properly handle unspecified vectors. Successful exploitation results in uploaded documents for API documentation to be available to an unauthenticated user.
The host is installed with WSO2 API Manager version before 2.6.0 and is prone to a cross-site scripting vulnerability. A flaw is present in the applications which fails to properly handle a crafted filename to the file-upload feature of the event simulator component. Successful exploitation allows attackers to cause unspecified impact.
The host is installed with WSO2 API Manager version 2.1.0 or 2.6.0 and is prone to a reflected cross-site scripting vulnerability. A flaw is present in the applications which fails to properly handle the carbon part of the product. Successful exploitation allows attackers to cause unspecified impact.
The host is installed with WSO2 API Manager version 2.1.0 or 2.6.0 and is prone to a cross-site scripting vulnerability. A flaw is present in the applications which fails to properly handle the store part of the product. Successful exploitation allows attackers to cause unspecified impact.
The host is installed with OpenVPN through 2.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle issues in control channel. Successful exploitation could allow remote attackers to cause a denial of service via crafted reset packet.
The host is installed with VMWare Tools 10.x, 11.x or 12.x before 12.1.5 and is prone to a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle an issue in the VM3DMP driver. Successfull exploitation allows attackers with local user privileges in the Windows guest OS, where VMware Tools is installed to trigger a PANIC in the VM3DMP driver leading to ...