Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2019-18998

Insufficient access control in the web interface of ABB Asset Suite versions 9.0 to 9.3, 9.4 prior to 9.4.2.6, 9.5 prior to 9.5.3.2 and 9.6.0 enables full access to directly referenced objects. An attacker with knowledge of a resource’s URL can access the resource directly.

CVE
Open in Source
#web#pdf

%PDF-1.7 %���� 1 0 obj <>/Metadata 278 0 R/ViewerPreferences 279 0 R>> endobj 2 0 obj <> endobj 3 0 obj <>/ExtGState<>/Font<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 595.32 842.04] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> endobj 4 0 obj <> stream x��\Io��� ���Х�@ ��$��3r� ���,M&�!�>�VV�UݭnҞ� 6ɪ��m���lݭ��~����kw�~}}����_��w/_�{��ק�?y~|���|�῿��S}z���[�w�ݶ�{�Av��s{��ۛF�Q,���1Â�N��4�������?��=��D�`�����Z %:� Ҵ���������G��^���C&� �Z+�dl`ԁtڞ~� �:y�� i�;�%�_ w��B�ܽ���x��"��0{@��"|oWhOQ{��+�����r��Ec�]��I3������7{P�9D�Db��� ,��Hk b ��u�Ͻ>Ƒ���Q֖��6p �!�_dׯ�;��+��0� �N�����h>c�4� n�ټJ�����!y�S�� �2�ZU�������)4 Y��$���`oO�e�DiC���i,(&s/�c$�� �5r4GR׌��(����$�� m�`-�� ��8�B-U��飫*�T�-�C`4�+��t��C@f�(�K�ւiZ���B^���4�Ђ�m���K�H��D�ٹ��f�5^��q�[Lg�v��@�D|�����{��^^^��:�RM ��ږb^�^8�����5 |�����U�V:������b��T[@���(�� �[җ/���K��`��c��:�y5�Uآ�(�+�y`�F��������r1�hgm|��zv�P1h�vID�Q&0fߵ$�,;�j�nCc���_M�QH-#�bz��’�2h((��Z��Ϳ��+6�Ak� ��S`x�����<��"N;.|�r,-�r�����ۿ�:<`�y����72�����F��B������� G�E ^�Bk���{ϙ2���B����>�-:��L7Ф�<��Uk�O2pC��X�y���L� �&��Mn$a9�9~Du陖�v��R!����/(�_A�+�D�D���t�J�i�?�Dv��T9J DO]����g�R �Bk�c��u�,t��{�}�c�

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE