Prince Chaddha
GitHub
commit
29aeb0d879
|
|
@ -4,6 +4,7 @@ info:
|
|||
author: madrobot
|
||||
severity: critical
|
||||
tags: hpe,cve,cve2021,bypass
|
||||
description: A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software, prior to version 1.22. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gaining privileged access, causing denial of service, and changing the configuration. HPE has released a software update to resolve the vulnerability in the HPE Edgeline Infrastructure Manager.
|
||||
reference: |
|
||||
- https://www.tenable.com/security/research/tra-2021-15
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2021-29203
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Ivanti Avalanche Directory Traversal
|
||||
author: gy741
|
||||
severity: high
|
||||
description: A directory traversal vulnerability in Ivanti Avalanche allows remote unauthenticated user to access files that reside outside the 'image' folder
|
||||
reference: https://ssd-disclosure.com/ssd-advisory-ivanti-avalanche-directory-traversal/
|
||||
tags: cve,cve2021,avalanche,traversal
|
||||
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Adobe ColdFusion Debug Page XSS
|
||||
author: dhiyaneshDK
|
||||
severity: medium
|
||||
description: The remote Adobe ColdFusion debug page has been left open to unauthenticated users, this could allow remote attackers to trigger a reflected cross site scripting against the visitors of the site.
|
||||
reference: https://github.com/jaeles-project/jaeles-signatures/blob/master/common/coldfusion-debug-xss.yaml
|
||||
tags: adobe,coldfusion,xss
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue