19 matches found
EUVD-2020-6407
Malware in sbrugna...
EUVD-2024-39893
Malicious code in bioql PyPI...
EUVD-2024-21035
Malicious code in bioql PyPI...
CVE-2020-14254
TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it...
CVE-2024-42194
An improper handling of insufficient permissions or privileges affects HCL BigFix Inventory. An attacker having access via a read-only account can possibly change certain configuration parameters by crafting a specific REST API call...
CVE-2024-42194 HCL BigFix Inventory is affected by an access control vulnerability
An improper handling of insufficient permissions or privileges affects HCL BigFix Inventory. An attacker having access via a read-only account can possibly change certain configuration parameters by crafting a specific REST API call...
CVE-2024-42194 HCL BigFix Inventory is affected by an access control vulnerability
An improper handling of insufficient permissions or privileges affects HCL BigFix Inventory. An attacker having access via a read-only account can possibly change certain configuration parameters by crafting a specific REST API call...
CVE-2024-42194
CVE-2024-42194 affects HCL BigFix Inventory: an access-control vulnerability arising from improper handling of permissions allows a read-only account to modify certain configuration parameters via a crafted REST API call. The available documents confirm the affected product and the underlying iss...
PT-2024-29789 · Hcl · Hcl Bigfix Inventory
Name of the Vulnerable Software and Affected Versions: HCL BigFix Inventory affected versions not specified Description: The issue is related to an improper handling of insufficient permissions or privileges in HCL BigFix Inventory. An attacker with access via a read-only account can possibly...
HCL BigFix Inventory 安全漏洞
HCL BigFix Inventory is a software inventory from HCL USA. Maintaining software audits reduces security risks through software compliance and utilization management. HCL BigFix Inventory has a security vulnerability that stems from insufficient permissions or improper handling of privileges. An...
CVE-2024-23540
The HCL BigFix Inventory server is vulnerable to path traversal which enables an attacker to read internal application files from the Inventory server. The BigFix Inventory server does not properly restrict the served static file...
CVE-2024-23540 HCL BigFix Inventory is vulnerable to path traversal
The HCL BigFix Inventory server is vulnerable to path traversal which enables an attacker to read internal application files from the Inventory server. The BigFix Inventory server does not properly restrict the served static file...
CVE-2024-23540
CVE-2024-23540 : The HCL BigFix Inventory server is vulnerable to a path traversal flaw that allows an attacker to read internal application files by exploiting improper restrictions on served static files. The vulnerability is mapped to CVSS 3.1: Network, Low attack complexity, Privileges Requir...
CVE-2024-23540 HCL BigFix Inventory is vulnerable to path traversal
The HCL BigFix Inventory server is vulnerable to path traversal which enables an attacker to read internal application files from the Inventory server. The BigFix Inventory server does not properly restrict the served static file...
Unspecified Vulnerability in HCL BigFix Inventory
HCL BigFix Platform is a suite of endpoint security management platform from HCL India. The platform supports automated discovery, management and remediation of endpoint security issues. A security vulnerability exists in HCL BigFix Inventory v10.0.2 onwards, which stems from not disabling the...
CVE-2020-14254
TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it...
Code injection
TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it...
CVE-2020-14254
TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it...
CVE-2020-14254
CVE-2020-14254 affects HCL BigFix Inventory up to v10.0.2, where TLS-RSA cipher suites are not disabled. The available descriptions state that if TLS 2.0 and secure ciphers are not enabled, an attacker can passively record traffic and later decrypt it. The connected documents corroborate the vuln...