CVE-2024-33004 Insecure Storage vulnerability in SAP BusinessObjects Business Intelligence Platform (Webservices)

SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. On successful exploitation, the attacker can see the sensitive information through cache and can open the pages causing limited impact on...

CVE-2024-33004

CVE-2024-33004 affects SAP Business Objects Business Intelligence Platform. The issue is insecure storage: dynamic web pages are cached after logout, allowing an attacker to view cached pages and open them, with a limited impact on confidentiality, integrity and availability. The initial descript...

SAP Business Objects Business Intelligence Platform 安全漏洞

SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The product features report generation, analytics, and data visualization. SAP Business Objects Business Intelligence Platform suffers from a...

IBM TXSeries for Multiplatforms 安全漏洞

IBM TXSeries for Multiplatforms is a transaction monitoring and management software product from International Business Machines IBM designed to support distributed transaction processing on multiple platforms. A security vulnerability exists in IBM TXSeries for Multiplatforms version 8.2 that...

PT-2024-25050 · Sap · Sap Businessobjects Business Intelligence Platform

Name of the Vulnerable Software and Affected Versions: SAP Business Objects Business Intelligence Platform affected versions not specified Description: The issue concerns insecure storage where dynamic web pages are cached even after a user logs out. This allows an attacker to potentially view...

PT-2024-19353 · Ibm · Ibm Txseries For Multiplatforms

Name of the Vulnerable Software and Affected Versions: IBM TXSeries for Multiplatforms version 8.2 Description: The issue concerns the transmission or storage of authentication credentials using an insecure method, making them susceptible to unauthorized interception and/or retrieval...

CVE-2024-29941

Insecure storage of the ICT MIFARE and DESFire encryption keys in the firmware binary allows malicious actors to create credentials for any site code and card number that is using the default ICT encryption...

CVE-2024-29941

CVE-2024-29941 describes insecure storage of ICT MIFARE and DESFire encryption keys in the firmware binary, enabling credential cloning by creating credentials for any site code and card number that uses the default ICT encryption. The Red Hat/NVD entries corroborate that the issue arises from st...

CVE-2024-25655

Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified Management Platform UMP 23.07.0.16567LTS allows members with read access to the application database to decrypt the LDAP passwords of users who successfully authenticate to web management via LDAP...

AVSystem Unified Management Platform Security Vulnerability

AVSystem Unified Management Platform is a comprehensive management platform from AVSystem designed to help enterprises, service providers and carriers manage and monitor their network devices, Internet of Things IoT devices and services. A security vulnerability exists in AVSystem Unified...

CVE-2024-25655

Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified Management Platform UMP 23.07.0.16567LTS allows members with read access to the application database to decrypt the LDAP passwords of users who successfully authenticate to web management via LDAP...

CVE-2024-21826

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak through insecure storage...

CVE-2024-21826

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak through insecure storage...

Information disclosure

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak through insecure storage...

CVE-2024-21826 Huks has an insecure storage of sensitive information vulnerability

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak through insecure storage...

CVE-2024-21826 Huks has an insecure storage of sensitive information vulnerability

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak through insecure storage...

CVE-2024-21826

OpenHarmony has a local-information-disclosure vulnerability (CVE-2024-21826) affecting v3.2.4 and earlier, attributed to insecure storage in the Huks component. A local attacker can access sensitive data due to improper storage protections. Remediation: upgrade to a version newer than 3.2.4; a t...

PT-2024-19077 · Unknown · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 3.2.4 Description: The issue allows a local attacker to cause a sensitive information leak through insecure storage. A local attacker can exploit this to gain access to sensitive information. Recommendations: For...

MTN Group: CVE-2010-1429 JBoss Insecure Storage of Sensitive Information on ips.mtn.co.ug

The JBoss Enterprise Application Platform 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allowed remote attackers to obtain sensitive information about deployed web contexts via a request to the status servlet, as demonstrated by a full=true query string. This issue was caused by a regression fr...

Genie Aladdin Connect Retrofit Garage Door Opener: Multiple Vulnerabilities

Rapid7, Inc. Rapid7 discovered vulnerabilities in Aladdin Connect retrofit kit garage door opener and Android mobile application produced by Genie. The affected products are: Aladdin Garage door smart retrofit kit, Model ALDCM Android Mobile application ALADDIN Connect, Version 5.65 Build 2075...