CVE-2025-63958

MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint /MILLENSYS/settings that is accessible without authentication. This page leaks plaintext database credentials, file share paths, internal license server configuration, and software update parameters. An...

CVE-2023-27169

Xpand IT Write-back manager v2.3.1 uses a hardcoded salt in license class configuration which leads to the generation of a hardcoded and predictable symmetric encryption keys for license generation and validation...

PT-2023-20985 · Xpand It · Xpand It Write-Back Manager

Name of the Vulnerable Software and Affected Versions: Xpand IT Write-back manager version 2.3.1 Description: The issue arises from the use of a hardcoded salt in the license class configuration, leading to the generation of hardcoded and predictable symmetric encryption keys for license generati...

CVE-2021-28183 ASUS BMC's firmware: buffer overflow - Web License configuration setting

The specific function in ASUS BMC’s firmware Web management page Web License configuration setting does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the...

Desktop Studio Error: "Can't Get License Info"

The license server can be registered with XenDesktop either when XenDesktop is configured, or through the Change license server action on the Licensing node in Desktop Studio. When the administrator specifies the address of the license server, Desktop Studio attempts to discover the License...

Oracle Hospitality OPERA 5 Property Services Remote Vulnerability (CNVD-2017-08077)

Oracle Hospitality Applications is a suite of business applications, servers, and storage solutions for hotel management from Oracle Corporation. The solution provides human resource cost management, tracking and management of services throughout a customer's journey to improve customer...

CVE-2017-3574

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications subcomponent: OPERA License code configuration. Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Easily "exploitable" vulnerability allow...

SQL Injection Vulnerability in Siemens Automation License Manager

Siemens Automation License Manager ALM is a software that centrally manages license keys for various Siemens software products. A SQL injection vulnerability exists in Siemens Automation License Manager. A remote attacker can access port 4410/TCP to read and write ALM configuration information,...

Raritan PowerIQ 4.1.0 - SQL Injection Vulnerability

No description provided by source. =begin Raritan PowerIQ suffers from an unauthenticated SQL injection vulnerability within an endpoint used during initial configuration of the licensing for the product. This endpoint is still available after the appliance has been fully configured. POST...