The vulnerability relates to the administration tool for EMC Documentum systems, the Digital Asset Management tool for EMC Documentum systems, the access to the repository of EMC Documentum TaskSpace systems, the Web Publisher for managing web projects in EMC Documentum, and the web interface that provides access to the EMC Documentum repository via Webtop. This vulnerability allows a perpetrator to intercept user authentication data.

The vulnerability of the EMC Documentum Administrator, a system for managing electronic document workflows, the EMC Documentum Digital Asset Management tool for managing multimedia materials within the system, the EMC Documentum TaskSpace tool for accessing the repository, and the EMC Documentum...

The vulnerability of the microprogramming software of the Cisco TelePresence Serial Gateway allows a perpetrator to access the authentication data of arbitrary users.

The vulnerability of the microprogramming software of the Cisco TelePresence Serial Gateway device is related to the falsification of inter-site requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the authentication data of arbitrary users...

The vulnerability of the microprogramming software of the Cisco TelePresence ISDN Gateway allows a perpetrator to access the authentication data of arbitrary users.

The vulnerability of the microprogramming software of the Cisco TelePresence ISDN Gateway relates to the falsification of inter-site requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the authentication data of arbitrary users...

The vulnerability of the microprogramming software of the Cisco TelePresence IP VCR device allows a perpetrator to gain access to the authentication data of arbitrary users.

The vulnerability of the microprogramming software of the Cisco TelePresence IP VCR device is related to the manipulation of inter-site requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the authentication data of arbitrary users...

The vulnerability of the microprogramming software of the Cisco TelePresence IP Gateway allows a perpetrator to gain access to the authentication data of arbitrary users.

The vulnerability of the microprogramming software of the Cisco TelePresence IP Gateway device is related to the falsification of inter-site requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the authentication data of arbitrary users...

The vulnerability of the microprogramming software of the Cisco TelePresence Multipoint Control Unit allows a perpetrator to gain access to the authentication data of arbitrary users.

The vulnerability of the microprogramming software of the Cisco TelePresence Multipoint Control Unit is related to the of inter-site requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the authentication data of arbitrary users...

IBM MQ Light Denial of Service Vulnerability (CNVD-2015-05123)

IBM MQ Light is a messaging service from IBM USA based on IBM Bluemix, a PaaS platform for creating, deploying and managing applications on the cloud. A security vulnerability exists in IBM MQ Light versions 1.0 and 1.0.0.1 due to the program failing to properly handle authentication credentials....

IBM MQ Light Denial of Service Vulnerability (CNVD-2015-05122)

IBM MQ Light is a messaging service from IBM USA based on IBM Bluemix, a PaaS platform for creating, deploying and managing applications on the cloud. A security vulnerability exists in IBM MQ Light versions 1.0 and 1.0.0.1 due to the program failing to properly handle authentication credentials....

IBM MQ Light Denial of Service Vulnerability (CNVD-2015-05121)

IBM MQ Light is a messaging service from IBM USA based on IBM Bluemix, a PaaS platform for creating, deploying and managing applications on the cloud. A security vulnerability exists in IBM MQ Light versions 1.0 and 1.0.0.1 due to the program failing to properly handle authentication credentials....

IBM MQ Light Denial of Service Vulnerability (CNVD-2015-05120)

IBM MQ Light is a messaging service from IBM USA based on IBM Bluemix, a PaaS platform for creating, deploying and managing applications on the cloud. A security vulnerability exists in IBM MQ Light versions 1.0 and 1.0.0.1 due to the program failing to properly handle authentication credentials....

CVE-2015-1958

IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial of service disk consumption via a crafted byte sequence in authentication data, a different vulnerability than CVE-2015-1956 and CVE-2015-1987...

CVE-2015-1987

CVE-2015-1987 affects IBM MQ Light prior to 1.0.0.2. The issue is due to improper handling of authentication credentials, allowing a remote attacker to cause a denial of service (disk consumption) by sending crafted byte sequences. Affected versions are IBM MQ Light v1.0 and v1.0.0.1 on all platf...

Red Hat docker HTTP degradation vulnerability

Docker is an open-source application container engine that allows developers to package their applications, as well as dependency packages, into a portable container that can then be distributed to any popular Linux machine, as well as virtualized. Red Hat docker package with the --add-registry...

DEBIAN-CVE-2014-5277

Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to...

CVE-2014-4810

IBM Cognos Mobile 10.1.1 before FP3 IF1, 10.2.0 before FP2 IF1, and 10.2.1 before FP4 IF1 preserves a session between the Cognos Mobile server and the Cognos Business Intelligence server after a logoff action on a mobile device, which makes it easier for remote attackers to bypass intended Busine...

CVE-2014-4810

IBM Cognos Mobile 10.1.1 before FP3 IF1, 10.2.0 before FP2 IF1, and 10.2.1 before FP4 IF1 preserves a session between the Cognos Mobile server and the Cognos Business Intelligence server after a logoff action on a mobile device, which makes it easier for remote attackers to bypass intended Busine...

CVE-2014-4810

The CVE-2014-4810 entry affects IBM Cognos Mobile. According to the sources, IBM Cognos Mobile 10.1.1 before FP3 IF1, 10.2.0 before FP2 IF1, and 10.2.1 before FP4 IF1 preserve a session between the Cognos Mobile server and the Cognos BI server after a user logs off on a mobile device. This behavi...

USN-2382-1 requests vulnerabilities

Jakub Wilk discovered that Requests incorrectly reused authentication credentials after being redirected. An attacker could possibly use this issue to obtain authentication credentials intended for another site. CVE-2014-1829, CVE-2014-1830...

CVE-2014-1487

The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages...

Mozilla: Cross-origin information leak through web workers (MFSA 2014-09)

The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages...