gifsicle Security Breach

gifsicle is Gifsicle's handling of GIF image files. A security vulnerability exists in gifsicle version 1.94, which stems from a Floating Point Exception FPE in resizestream in src/xform.c. The vulnerability is caused by the presence of a floating point exception FPE in resizestream...

Default credentials

TSplus Remote Work 16.0.0.0 places a cleartext password on the "var pass" line of the HTML source code for the secure single sign-on web portal. NOTE: CVE-2023-31069 is only about the TSplus Remote Access product, not the TSplus Remote Work product...

CVE-2023-27132

TSplus Remote Work 16.0.0.0 places a cleartext password on the "var pass" line of the HTML source code for the secure single sign-on web portal. NOTE: CVE-2023-31069 is only about the TSplus Remote Access product, not the TSplus Remote Work product...

CVE-2023-27132

TSplus Remote Work 16.0.0.0 places a cleartext password on the "var pass" line of the HTML source code for the secure single sign-on web portal. NOTE: CVE-2023-31069 is only about the TSplus Remote Access product, not the TSplus Remote Work product...

CVE-2023-27132

The CVE-2023-27132 entry targets TSplus Remote Work: version 16.0.0.0 stores a cleartext password on the var pass line of the HTML source code for the secure single sign-on web portal. Connected sources corroborate that credentials are stored in plaintext within the HTML of the login page (e.g., ...

CVE-2023-35013

IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769...

CVE-2023-35013

IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769...

CVE-2023-35013 IBM Security Verify Governance information disclosure

IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769...

CVE-2023-35013 IBM Security Verify Governance information disclosure

IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769...

IBM Security Verify Governance Security Breach

IBM Security Verify Governance is an intelligent identity access platform from International Business Machines IBM, Inc. provides organizations with a platform to analyze, define and control user access and access risk. A security vulnerability exists in IBM Security Verify Governance version 10....

CVE-2023-30802

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code disclosure vulnerability. A remote and unauthenticated attacker can obtain PHP source code by sending an HTTP request with an invalid Content-Length field...

CVE-2023-30802

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code disclosure vulnerability. A remote and unauthenticated attacker can obtain PHP source code by sending an HTTP request with an invalid Content-Length field...

Code injection

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code disclosure vulnerability. A remote and unauthenticated attacker can obtain PHP source code by sending an HTTP request with an invalid Content-Length field...

CVE-2023-30802 Sangfor Next-Gen Application Firewall Source Code Disclosure

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code disclosure vulnerability. A remote and unauthenticated attacker can obtain PHP source code by sending an HTTP request with an invalid Content-Length field...

CVE-2023-30802

CVE-2023-30802 affects Sangfor Next-Gen Application Firewall NGAF 8.0.17. Multiple connected sources confirm a source-code disclosure vulnerability exploitable remotely by an unauthenticated attacker through HTTP requests with an invalid Content-Length header, enabling access to PHP source code. ...

CVE-2023-30802 Sangfor Next-Gen Application Firewall Source Code Disclosure

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code disclosure vulnerability. A remote and unauthenticated attacker can obtain PHP source code by sending an HTTP request with an invalid Content-Length field...

Sangfor Next-Gen Application Firewall Security Vulnerabilities

Sangfor Next-Gen Application Firewall Sangfor NGAF is an application firewall from China-based Sangfor. A security vulnerability exists in Sangfor Next-Gen Application Firewall NGAF version 8.0.17, which originates from a source code disclosure issue. The vulnerability can be exploited to obtain...

DakshSCRA - Source Code Review Assist

Daksh SCRA Source Code Review Assist tool is built to enhance the efficiency of the source code review process, providing a well-structured and organized approach for code reviewers. Rather than indiscriminately flagging everything as a potential issue, Daksh SCRA promotes thoughtful analysis,...

CVE-2023-3413

An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to read the source code of a project through a fork created before changing visibility to...

Code injection

An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to read the source code of a project through a fork created before changing visibility to...