Lucene search
K

333 matches found

Tenable Nessus
Tenable Nessus
added 2019/05/28 12:0 a.m.25 views

Fortinet FortiClient 6.2.x < 6.2.1 Missing Encryption Of Sensitive Data Vulnerability

The version of Fortinet FortiClient running on the remote host is prior to 6.2.1. It is, therefore, affected by a missing encryption of sensitive data vulnerability. An attacker can access VPN session cookie from an endpoint device running FortiClient. The attacker can steal the cookies only if...

5.8AI score
Exploits0References1
Fortinet
Fortinet
added 2019/04/23 12:0 a.m.15 views

Multiple VPN applications insecurely store session cookies

The Missing Encryption Of Sensitive Data vulnerability in FortiClient may allow an attacker to access VPN session cookie from an endpoint device running FortiClient. The attacker can steal the cookies only if endpoint device has been compromised in such a way that the attacker has access to...

6.7AI score
Exploits0
Veracode
Veracode
added 2019/03/25 8:40 a.m.30 views

Cross-Site Scripting (XSS)

apache activemq is vulnerable to cross-site scripting XSS. A remote attacker is able to inject arbitrary Javascript into a victim's browser via the refresh parameter to PortfolioPublishServlet.java, and through debug logs or subscribe messages in webapp/websocket/chat.js...

4.3CVSS8.6AI score0.06018EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2019/03/21 4:0 p.m.3 views

CVE-2018-18466

An issue was discovered in SecurEnvoy SecurAccess 9.3.502. When put in Debug mode and used for RDP connections, the application stores the emergency credentials in cleartext in the logs present in the DEBUG folder that can be accessed by anyone. NOTE: The vendor disputes this as a vulnerability...

7CVSS5.8AI score0.00342EPSS
Exploits0References3
CVE
CVE
added 2018/07/27 4:0 p.m.86 views

CVE-2017-15113

CVE-2017-15113 affects ovirt-engine (Red Hat Virtualization Manager) prior to version 4.1.7.6, where DEBUG logging exposes passwords in plaintext in log files. The issue arises because log level DEBUG can reveal sensitive credentials, and only admins can change log level/access logs; this creates...

7.2CVSS6.3AI score0.01164EPSS
Exploits0References4Affected Software1
Citrix
Citrix
added 2017/12/21 12:0 a.m.6 views

Unable to install Secure Mail Public version for iOS - Incompatible app

Issue --------------- Unable to install Secure Mail Public version for iOS - Incompatible app Logs ------------- Xcode Logs Dec 14 09:29:52 iPhone WorxMailAppStore985 : -NSFileManagerMdxEncryption ctxRemoveItemAtPath:error:: errno=2 Dec 14 09:29:52 iPhone WorxMailAppStorelibsqlite3.dylib985 : BUG...

6.7AI score
Exploits0
Veeam
Veeam
added 2017/11/14 12:0 a.m.15 views

Failed to import Veeam Cloud Connect certificate after Veeam Availability Console server migration

Challenge After migrating your Veeam Availability Console VAC installation to a new server and adding an existing Veeam Cloud Connect VCC server, the following certificate error may be observed: Failed to import certificate from the Veeam Cloud Connect server. See debug logs for more information...

7.1AI score
Exploits0
Citrix
Citrix
added 2017/10/06 12:0 a.m.5 views

Some WEMs Agent are failing to check in with WEM Broker

Many WEM Agents do not check in with the WEM Broker Server and they are missing from the Agent List inside of the WEM Administration Console. For example, this screenshot shows only 4 Agents checking in but dozens more WEM Agents are configured and should be present in this list: The Debug logs o...

7.3AI score
Exploits0
Citrix
Citrix
added 2017/09/29 12:0 a.m.8 views

WEM admin console fails to connect with error: Error while connecting to the specified Infrastructure Server

The WEM Administration Console errors out while connecting to the broker with a generic error: "Error while connecting to the specified Infrastructure Server". Looking into the the WEM admin console debug logs %userprofile%\Citrix WEM Console Trace.Log the following error is reported: Exception -...

7AI score
Exploits0
Citrix
Citrix
added 2017/09/22 12:0 a.m.7 views

Failed to update listener certificate in XMS 10.6

While importing renewed SSL listener certificate on XMS 10.6 following error is observed on XMS debug logs. 2017-06-22T11:47:55.251+0300 | A7B895C5041828EC | INFO | http-nio-14443-exec-7 | com.citrix.controlpoint.rest.CertificateMgmtResource | Uploading certificate to be used As : listener . none...

7.1AI score
Exploits0
CNVD
CNVD
added 2017/08/18 12:0 a.m.4 views

Salt win_useradd, salt-cloud and Linode driver information disclosure vulnerabilities

Salt aka SaltStack is a set of open source tools for managing infrastructure from SaltStack, Inc. winuseradd one of the user creation component; salt-cloud is a virtual machine configuration component; Linode driver is a server driver. A security vulnerability exists in winuseradd, salt-cloud, an...

9.8CVSS9.1AI score0.0222EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/08/09 4:29 p.m.20 views

CVE-2015-6941

winuseradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs...

9.8CVSS7.2AI score0.0222EPSS
Exploits0References4
Prion
Prion
added 2017/08/09 4:29 p.m.13 views

Design/Logic Flaw

winuseradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs...

5CVSS6.9AI score0.0222EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2017/08/09 4:29 p.m.25 views

PYSEC-2017-71

winuseradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs...

9.8CVSS1.3AI score0.0222EPSS
Exploits0References5
OSV
OSV
added 2017/08/09 4:29 p.m.6 views

UBUNTU-CVE-2015-6941

winuseradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs...

9.8CVSS7.3AI score0.0222EPSS
Exploits0References5
Cvelist
Cvelist
added 2017/08/09 4:0 p.m.25 views

CVE-2015-6941

winuseradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs...

9.4AI score0.0222EPSS
Exploits0References4
CVE
CVE
added 2017/08/09 4:0 p.m.58 views

CVE-2015-6941

Salt CVE-2015-6941 affects Salt 2015.5.x before 2015.5.6 and 2015.8.x before 2015.8.1, where win_useradd, salt-cloud and the Linode driver leak password information in debug logs. Impact: password information is exposed in logs. Remediation: upgrade to Salt 2015.5.6 or 2015.8.1 as indicated by th...

9.8CVSS9.2AI score0.0222EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2017/08/09 4:0 p.m.35 views

CVE-2015-6941

Removed by vendor...

9.8CVSS9.4AI score0.0222EPSS
Exploits0
Citrix
Citrix
added 2017/08/07 12:0 a.m.8 views

Certificate Based Authentication : Troubleshooting Tips

This document specifically addresses some common troubleshooting tips and guidelines that would help in tackling certain issues related with the Certificate based authenticationCBA. Please ensure that the initial configuration is set as per the article: https://support.citrix.com/article/CTX22047...

7.2AI score
Exploits0
Citrix
Citrix
added 2017/06/07 12:0 a.m.9 views

Frequently Asked Questions During NetScaler MAS Troubleshooting

Citrix ADM, formerly NetScaler MAS The following section lists some of the frequently asked questions during diagnosis and troubleshooting of NetScaler MAS issues: How to verify the NetScaler MAS build version using CLI and support file? How does MAS fetch all the dashboard related data from...

6.9AI score
Exploits0
Rows per page
Query Builder