38 matches found
CVE-2024-5916
An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets, passwords, and tokens to...
CVE-2024-5916 PAN-OS: Cleartext Exposure of External System Secrets
An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets, passwords, and tokens to...
PAN-OS: Cleartext Exposure of External System Secrets
An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets, passwords, and tokens to...
Palo Alto Networks PAN-OS 安全漏洞
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A security vulnerability exists in Palo Alto Networks PAN-OS, which stems from the presence of an information disclosure vulnerability that allows a local system administrator to...
CSAM Strengthens Attack Surface Coverage and Risk Assessment With Third-Party Connectors
Organizations using Qualys CyberSecurity Asset Management CSAM can now import asset data from any external system into the Enterprise TruRisk Platform. With third-party connectors, you will identify any existing coverage gaps and add business context to your unified inventory, helping you...
ROS-20230418-04
A vulnerability in the pki-core public key infrastructure deployment management system is related to insufficient validation of user-entered XML data, which could be passed by specially created XML code to a vulnerable application and view the contents of arbitrary files on the system or initiate...
CVE-2020-16235
Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through version 3.3.5, to access field devices and external systems to be obtained...
CVE-2020-16235
CVE-2020-16235 affects Emerson OpenEnterprise (all versions through 3.3.5). The issue is inadequate encryption (CWE-326) that could allow credentials used by OpenEnterprise to access field devices and external systems to be obtained. Exploitation is described as local (not remote) with low attack...
XML external entity (XXE) injection in Apache Nutch
An XML external entity XXE injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions 1.18. XML external entity injection also known as XXE is a web security vulnerability that allows an attacker to interfere with an application's processing of XML data. ...
Apache Any23 code issue vulnerability
Apache Any23 is a library, Web service, and command-line tool from the Apache Foundation, USA. It can extract structured data in RDF format from a variety of Web documents.Any23 versions prior to 2.7 contain a code issue vulnerability that could be exploited by an attacker to interfere with an...
CVE-2021-38555
An XML external entity XXE injection vulnerability was discovered in the Any23 StreamUtils.java file and is known to affect Any23 versions 2.5. XML external entity injection also known as XXE is a web security vulnerability that allows an attacker to interfere with an application's processing of...
Xxe
An XML external entity XXE injection vulnerability was discovered in the Any23 StreamUtils.java file and is known to affect Any23 versions 2.5. XML external entity injection also known as XXE is a web security vulnerability that allows an attacker to interfere with an application's processing of...
CVE-2021-27233
An issue was discovered in Mutare Voice EVM 3.x before 3.3.8. On the admin portal of the web application, password information for external systems is visible in cleartext. The Settings.asp page is affected by this issue...
CVE-2021-27233
An issue was discovered in Mutare Voice EVM 3.x before 3.3.8. On the admin portal of the web application, password information for external systems is visible in cleartext. The Settings.asp page is affected by this issue...
CVE-2021-27233
An issue was discovered in Mutare Voice EVM 3.x before 3.3.8. On the admin portal of the web application, password information for external systems is visible in cleartext. The Settings.asp page is affected by this issue...
Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack
Tyler Technologies, a Texas-based company that bills itself as the largest provider of software and technology services to the United States public sector, is battling a network intrusion that has disrupted its operations. The company declined to discuss the exact cause of the disruption, but the...
CVE-2017-5158
An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Credentials may be exposed to external systems via specific URL parameters, as arbitrary destination addresses may be specified...
XenMobile Rest API
XenMobile provides an extensive REST API that can be leveraged to extract data and provide it for business needs. This feature provides customers with the facility of calling XenMobile services using REST API. Instead of using XenMobile console, customers can call exposed services by using any RE...