βΌ CVE-2023-39429 βΌ
π Read
via "National Vulnerability Database".
Cross-site scripting vulnerability in FURUNO SYSTEMS wireless LAN access point devices allows an authenticated user to inject an arbitrary script via a crafted configuration. Affected products and versions are as follows: ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 and earlier, ACERA 1150w firmware ver.01.35 and earlier, ACERA 1110 firmware ver.01.76 and earlier, ACERA 1020 firmware ver.01.86 and earlier, ACERA 1010 firmware ver.01.86 and earlier, ACERA 950 firmware ver.01.60 and earlier, ACERA 850F firmware ver.01.60 and earlier, ACERA 900 firmware ver.02.54 and earlier, ACERA 850M firmware ver.02.06 and earlier, ACERA 810 firmware ver.03.74 and earlier, and ACERA 800ST firmware ver.07.35 and earlier. They are affected when running in ST(Standalone) mode.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3335 βΌ
π Read
via "National Vulnerability Database".
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator on Linux allows local usersΓ to gain sensive information.This issue affects Hitachi Ops Center Administrator: before 10.9.3-00.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28373 βΌ
π Read
via "National Vulnerability Database".
A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode.π Read
via "National Vulnerability Database".
βΌ CVE-2023-36628 βΌ
π Read
via "National Vulnerability Database".
A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a FlashArray to gain root access through privilege escalation.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3967 βΌ
π Read
via "National Vulnerability Database".
Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common Services on Linux allows DoS.This issue affects Hitachi Ops Center Common Services: before 10.9.3-00.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3440 βΌ
π Read
via "National Vulnerability Database".
Incorrect Default Permissions vulnerability in Hitachi JP1/Performance Management on Windows allows File Manipulation.This issue affects JP1/Performance Management - Manager: from 09-00 before 12-50-07; JP1/Performance Management - Base: from 09-00 through 10-50-*; JP1/Performance Management - Agent Option for Application Server: from 11-00 before 11-50-16; JP1/Performance Management - Agent Option for Enterprise Applications: from 09-00 before 12-00-14; JP1/Performance Management - Agent Option for HiRDB: from 09-00 before 12-00-14; JP1/Performance Management - Agent Option for IBM Lotus Domino: from 10-00 before 11-50-16; JP1/Performance Management - Agent Option for Microsoft(R) Exchange Server: from 09-00 beforeΓ 12-00-14; JP1/Performance Management - Agent Option for Microsoft(R) Internet Information Server: from 09-00 before 12-00-14; JP1/Performance Management - Agent Option for Microsoft(R) SQL Server: from 09-00 before 12-50-07; JP1/Performance Management - Agent Option for Oracle: from 09-00 beforeΓ 12-10-08; JP1/Performance Management - Agent Option for Platform: from 09-00 before 12-50-07; JP1/Performance Management - Agent Option for Service Response: from 09-00 before 11-50-16; JP1/Performance Management - Agent Option for Transaction System: from 11-00 before 12-00-14; JP1/Performance Management - Remote Monitor for Microsoft(R) SQL Server: from 09-00 before 12-50-07; JP1/Performance Management - Remote Monitor for Oracle: from 09-00 before 12-10-08; JP1/Performance Management - Remote Monitor for Platform: from 09-00 before 12-10-08; JP1/Performance Management - Remote Monitor for Virtual Machine: from 10-00 before 12-50-07; JP1/Performance Management - Agent Option for Domino: from 09-00 through 09-00-*; JP1/Performance Management - Agent Option for IBM WebSphere Application Server: from 09-00 through 10-00-*; JP1/Performance Management - Agent Option for IBM WebSphere MQ: from 09-00 through 10-00-*; JP1/Performance Management - Agent Option for JP1/AJS3: from 09-00 through 10-00-*; JP1/Performance Management - Agent Option for OpenTP1: from 09-00 through 10-00-*; JP1/Performance Management - Agent Option for Oracle WebLogic Server: from 09-00 through 10-00-*; JP1/Performance Management - Agent Option for uCosminexus Application Server: from 09-00 through 10-00-*; JP1/Performance Management - Agent Option for Virtual Machine: from 09-00 through 09-01-*.π Read
via "National Vulnerability Database".
βΌ CVE-2023-42771 βΌ
π Read
via "National Vulnerability Database".
Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent unauthenticated attacker who can access the affected product to download configuration files and/or log files, and upload configuration files and/or firmware. They are affected when running in ST(Standalone) mode.π Read
via "National Vulnerability Database".
βΌ CVE-2023-39222 βΌ
π Read
via "National Vulnerability Database".
OS command injection vulnerability in FURUNO SYSTEMS wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command that is not intended to be executed from the web interface by sending a specially crafted request. Affected products and versions are as follows: ACERA 1320 firmware ver.01.26 and earlier, ACERA 1310 firmware ver.01.26 and earlier, ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 and earlier, ACERA 1150w firmware ver.01.35 and earlier, ACERA 1110 firmware ver.01.76 and earlier, ACERA 1020 firmware ver.01.86 and earlier, ACERA 1010 firmware ver.01.86 and earlier, ACERA 950 firmware ver.01.60 and earlier, ACERA 850F firmware ver.01.60 and earlier, ACERA 900 firmware ver.02.54 and earlier, ACERA 850M firmware ver.02.06 and earlier, ACERA 810 firmware ver.03.74 and earlier, and ACERA 800ST firmware ver.07.35 and earlier. They are affected when running in ST(Standalone) mode.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3654 βΌ
π Read
via "National Vulnerability Database".
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a origin bypass via the host header in an HTTP request.Γ This vulnerability can be triggered by an HTTP endpoint exposed to the network.π Read
via "National Vulnerability Database".
βΌ CVE-2023-33034 βΌ
π Read
via "National Vulnerability Database".
Memory corruption while parsing the ADSP response command.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3656 βΌ
π Read
via "National Vulnerability Database".
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by an unauthenticated remote code execution vulnerability. This vulnerability can be triggered by an HTTP endpoint exposed to the network.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28539 βΌ
π Read
via "National Vulnerability Database".
Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.π Read
via "National Vulnerability Database".
βΌ CVE-2023-33026 βΌ
π Read
via "National Vulnerability Database".
Transient DOS in WLAN Firmware while parsing a NAN management frame.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22384 βΌ
π Read
via "National Vulnerability Database".
Memory Corruption in VR Service while sending data using Fast Message Queue (FMQ).π Read
via "National Vulnerability Database".
βΌ CVE-2023-26150 βΌ
π Read
via "National Vulnerability Database".
Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication.**Note:**This issue is a result of missing checks for services that require an active session.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24847 βΌ
π Read
via "National Vulnerability Database".
Transient DOS in Modem while allocating DSM items.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24853 βΌ
π Read
via "National Vulnerability Database".
Memory Corruption in HLOS while registering for key provisioning notify.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3655 βΌ
π Read
via "National Vulnerability Database".
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a dangerous methods, that allows to leak the database (system settings, user accounts,...).Γ This vulnerability can be triggered by an HTTP endpoint exposed to the network.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24844 βΌ
π Read
via "National Vulnerability Database".
Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21673 βΌ
π Read
via "National Vulnerability Database".
Improper Access to the VM resource manager can lead to Memory Corruption.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24849 βΌ
π Read
via "National Vulnerability Database".
Information Disclosure in data Modem while parsing an FMTP line in an SDP message.π Read
via "National Vulnerability Database".