Security News

CVE-2019-16068

National Vulnerability Database - Thu, 03/19/2020 - 19:15
A CSRF vulnerability exists in NETSAS ENIGMA NMS version 65.0.0 and prior that could allow an attacker to be able to trick a victim into submitting a malicious manage_files.cgi request. This can be triggered via XSS or an IFRAME tag included within the site.
Categories: Security News

CVE-2019-16069

National Vulnerability Database - Thu, 03/19/2020 - 19:15
A number of stored Cross-site Scripting (XSS) vulnerabilities were identified in NETSAS Enigma NMS 65.0.0 and prior that could allow a threat actor to inject malicious code directly into the application through the SNMP protocol.
Categories: Security News

CVE-2019-16529

National Vulnerability Database - Thu, 03/19/2020 - 19:15
An issue was discovered in the CheckUser extension through 1.35.0 for MediaWiki. Oversighted edit summaries are still visible in CheckUser results in violation of MediaWiki's permissions model.
Categories: Security News

CVE-2020-10669

National Vulnerability Database - Thu, 03/19/2020 - 19:15
The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to authentication bypass on the page /home.jsp. An unauthenticated attacker able to connect to the device's web interface can get a copy of the documents uploaded by any users. NOTE: this is fixed in the latest version.
Categories: Security News

CVE-2019-16063

National Vulnerability Database - Thu, 03/19/2020 - 19:15
NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data rendered within web pages. It is possible for an attacker to expose unencrypted sensitive data.
Categories: Security News

Pages