configuration
-
A vulnerability classified as problematic was found in TOTOLINK A3000RU up to 5.9c.5185. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/ExportSyslog.sh of the component Syslog Configuration File Handler. The manipulation leads to improper access controls. This vulnerability is known as CVE-2025-2688. The attack needs to be done within the local network.…
-
A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. This affects an unknown part of the component Push Configuration Section. The manipulation of the argument Configuration Name leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-6344. It is possible to initiate the attack remotely. Furthermore, there…
-
Exploring MiniMedusa: The Streamlined DDoS Configuration Derived from MegaMedusa Distributed Denial of Service (DDoS) attacks continue to pose significant challenges in cybersecurity. Tools like MegaMedusa and its more compact variant or a configuration, MiniMedusa, have made it easier for individuals, regardless of their technical expertise, to launch potent DDoS attacks. MegaMedusa ad in RipperSec’s Telegram…
-
A vulnerability, which was classified as very critical, has been found in Invisible-island xterm. Affected by this issue is some unknown functionality of the component Default Configuration. The manipulation leads to configuration. This vulnerability is handled as CVE-2006-7236. The attack may be launched remotely. Furthermore, there is an exploit available.
-
TL;DR | Go Straight to the Microsoft Configuration Manager Audit Report Version 2309 of Microsoft Configuration Manager (formerly Microsoft Endpoint Configuration Manager, System Center Configuration Manager, or SCCM) will go end of life on April 9th, 2025. In order to avoid running outdated and unsupported versions, we made an overview of everything that you need to know…
-
A vulnerability was found in OTRS and OTRS Community Edition. It has been declared as problematic. This vulnerability affects unknown code of the component System Configuration Module. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-43442. The attack can be initiated remotely. There is no exploit available.
-
A vulnerability was found in AdaCore Ada Web Server 25.0.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component TLS Configuration Handler. The manipulation leads to channel accessible by non-endpoint. This vulnerability is known as CVE-2024-55581. The attack can be launched remotely. There is no exploit available.
-
A vulnerability, which was classified as problematic, was found in H2O. This affects an unknown part of the component Configuration File Handler. The manipulation leads to incorrect control flow. This vulnerability is uniquely identified as CVE-2024-25622. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a…
-
A vulnerability classified as critical has been found in TeamViewer Desktop up to 14.7.1965. This affects an unknown part of the component AES Key Handler. The manipulation as part of Configuration File leads to improper authentication. This vulnerability is uniquely identified as CVE-2019-18988. It is possible to initiate the attack remotely. Furthermore, there is an…
-
A vulnerability, which was classified as problematic, has been found in Yealink Configuration Encrypt Tool. This issue affects some unknown processing. The manipulation leads to use of hard-coded cryptographic key . The identification of this vulnerability is CVE-2024-24681. The attack needs to be approached within the local network. There is no exploit available.
-
A vulnerability was found in Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.3.1 and classified as critical. This issue affects some unknown processing of the component Configuration. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2022-42003. The attack may be initiated remotely. There is no exploit available.
-
A vulnerability was found in Oracle Communications Cloud Native Core Console 22.3.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Configuration. The manipulation leads to denial of service. This vulnerability is known as CVE-2022-42003. The attack can be launched remotely. There is no exploit available.
-
A vulnerability was found in Centreon Web up to 24.10. It has been classified as problematic. Affected is an unknown function. The manipulation of the argument user configuration contact name leads to cross site scripting. This vulnerability is traded as CVE-2024-47863. It is possible to launch the attack remotely. There is no exploit available. It…
-
A vulnerability was found in Advantech EKI-6333AC-2G, EKI-6333AC-2GD and EKI-6333AC-1GPO. It has been classified as critical. Affected is an unknown function of the component Backup Configuration Handler. The manipulation leads to os command injection. This vulnerability is traded as CVE-2024-50377. It is possible to launch the attack remotely. There is no exploit available.
-
A vulnerability has been found in Cordaware bestinformed Infoclient up to 6.3.6.x on Windows and classified as critical. This vulnerability affects unknown code. The manipulation leads to external control of system or configuration setting. This vulnerability was named CVE-2025-0425. It is possible to launch the attack on the local host. There is no exploit available.…
-
arXiv:2502.08240v1 Announce Type: new Abstract: The Sender Policy Framework (SPF) is a basic mechanism for authorizing the use of domains in email. In combination with other mechanisms, it serves as a cornerstone for protecting users from forged senders. In this paper, we investigate the configuration of SPF across the Internet. To this end, we analyze…