PT-2023-27675 · Netentsec · Netentsec Ns-Asg

Name of the Vulnerable Software and Affected Versions: netentsec NS-ASG version 6.3 Description: The issue is related to Incorrect Access Control, with a file leak found in the website source code of the application security gateway. Recommendations: For netentsec NS-ASG version 6.3, consider...

CVE-2023-40850

netentsec NS-ASG 6.3 is vulnerable to Incorrect Access Control. There is a file leak in the website source code of the application security gateway...

CVE-2023-40850

netentsec NS-ASG 6.3 is vulnerable to Incorrect Access Control. There is a file leak in the website source code of the application security gateway...

CVE-2023-40850

CVE-2023-40850 affects netentsec NS-ASG 6.3 (application security gateway). The issue is an Incorrect Access Control allowing leakage of the website source code files. Based on sources, this is described as a file disclosure risk within NS-ASG’s website source and is associated with version 6.3. ...

Netcon NS-ASG Security Vulnerability

Netcon NS-ASG is an application security gateway from China Netcon Technology Netcon. A security vulnerability exists in Netcon NS-ASG version 6.3, which stems from vulnerability to incorrect access control and file disclosure of the Application Security Gateway website source code...

CVE-2023-31069

An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page...

CVE-2023-31069

An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page...

CVE-2023-31069

TSplus Remote Access (up to version 16.0.2.14) contains a credential exposure in which passwords are stored as cleartext in the HTML source of the login page. This is documented across multiple sources (NVD/Red Hat/PRION entries) and confirms the root cause is cleartext credential storage on the ...

CVE-2023-31069

An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page...

Logic flaw vulnerability in LiveGBS of Anhui Green Persimmon Information Technology Co., Ltd (CNVD-2023-72138)

LiveGBS is a national standard GB28181 streaming media service software , can provide to provide user management and Web visualization page management , open source front-end page source code ; to provide device status management , you can real-time view of whether the device is offline and other...

Synel Security Vulnerabilities

Synel is a time and attendance management system from Synel Israel. A security vulnerability exists in Synel Terminals versions prior to 3015.1 that stems from downloading source code from a remote location without integrity checking...

SapphireStealer Malware: A Gateway to Espionage and Ransomware Operations

An open-source .NET-based information stealer malware dubbed SapphireStealer is being used by multiple entities to enhance its capabilities and spawn their own bespoke variants. "Information-stealing malware like SapphireStealer can be used to obtain sensitive information, including corporate...

Noir - An Attack Surface Detector Form Source Code

Noir is an attack surface detector form source code. Key Features Automatically identify language and framework from source code. Find API endpoints and web pages through code analysis. Load results quickly through interactions with proxy tools such as ZAP, Burpsuite, Caido and More Proxy tools...

Malicious npm Packages Aim to Target Developers for Source Code Theft

An unknown threat actor is leveraging malicious npm packages to target developers with an aim to steal source code and configuration files from victim machines, a sign of how threats lurk consistently in open-source repositories. "The threat actor behind this campaign has been linked to malicious...

CVE-2023-40164

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in nsCodingStateMachine::NextStater. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time...

CVE-2023-40166

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in FileManager::detectLanguageFromTextBegining . The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. ...

Heap overflow

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in FileManager::detectLanguageFromTextBegining . The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. ...

CVE-2023-40166 Notepad++ heap buffer read overflow in FileManager::detectLanguageFromTextBegining

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in FileManager::detectLanguageFromTextBegining . The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. ...

CVE-2023-40166

CVE-2023-40166 affects Notepad++ versions prior to 8.5.7. The issue is a heap buffer read overflow in FileManager::detectLanguageFromTextBegining, which can leak internal memory information and, per related advisories, may enable arbitrary code execution under some conditions. Public exploits exi...

CVE-2023-40166 Notepad++ heap buffer read overflow in FileManager::detectLanguageFromTextBegining

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in FileManager::detectLanguageFromTextBegining . The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. ...