6340 matches found
CVE-2024-33276
SQL Injection vulnerability in FME Modules preorderandnotication v.3.1.0 and before allows a remote attacker to run arbitrary SQL commands via the PreorderModel::getIdProductAttributesByIdAttributes method...
CVE-2024-33271
An issue in FME Modules eventsmanager before 4.4.0 allows an attacker to obtain sensitive information from the pscustomer component...
CVE-2024-1579
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Secomea GateManager Webserver modules allows Session Hijacking. This issue affects GateManager: before 11.2.624071020...
CVE-2024-1969
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Secomea GateManager webserver modules allows crash of GateManager. This issue affects GateManager: from 9.7 before 11.2.624095033...
CVE-2024-1969 Heap buffer overflow
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Secomea GateManager webserver modules allows crash of GateManager. This issue affects GateManager: from 9.7 before 11.2.624095033...
CVE-2024-1969
CVE-2024-1969 affects Secomea GateManager webserver modules. A Buffer Copy without Checking Size of Input (classic buffer overflow) can crash GateManager. Affected versions are 9.7 through 11.2.624095033. Remediation: update to a version after 11.2.624095033 (per PT-2024-18459). The available con...
CVE-2024-1579 Insufficient seeding of random number generator
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Secomea GateManager Webserver modules allows Session Hijacking. This issue affects GateManager: before 11.2.624071020...
CVE-2024-1579
The CVE concerns Secomea GateManager, specifically the Webserver modules, with an underlying flaw in the PRNG seeding. The root cause is Incorrect Usage of Seeds in the PRNG, which can lead to session hijacking. Affected/version info: GateManager before 11.2.624071020. Documented impact indicates...
PT-2024-25187 · Unknown · Fme Modules Preorderandnotication
Name of the Vulnerable Software and Affected Versions: FME Modules preorderandnotication versions 3.1.0 and earlier Description: The issue allows a remote attacker to execute arbitrary SQL commands via the PreorderModel::getIdProductAttributesByIdAttributes method. This enables the attacker to...
CVE-2024-33276
CVE-2024-33276 affects the FME Modules preorderandnotication (versions 3.1.0 and earlier). The root cause is a SQL injection in PreorderModel::getIdProductAttributesByIdAttributes(), enabling remote attackers to execute arbitrary SQL commands. Documents do not specify a patch version or concrete ...
PT-2024-18459 · Secomea · Secomea Gatemanager
Name of the Vulnerable Software and Affected Versions: Secomea GateManager versions 9.7 through 11.2.624095033 Description: A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' issue in the webserver modules of Secomea GateManager allows the crash of GateManager. Recommendations...
ai.pipestream.module:module-chunker (=0.1.1), ai.pipestream.module:module-echo (=0.1.1) +786 more potentially affected by CVE-2024-1726 via io.quarkus.resteasy.reactive:resteasy-reactive (>=1.11.0.Beta1 <=3.2.10.Final)
io.quarkus.resteasy.reactive:resteasy-reactive MAVEN version =1.11.0.Beta1, =0.0.2, =0.1.1, =0.2.0, =0.2.0, =0.1.1, =0.1.7, =1.21.0, =1.28.0 and more Source cves: CVE-2024-1726 Source advisory: OSV:GHSA-MV64-86G8-CQQ7...
Security Bulletin: IBM Event Streams is vulnerable to sensitive information leakage and directory traversal attack due to the Golang related packages (CVE-2023-45285, CVE-2023-39326, CVE-2023-45283).
Summary: Golang Go is used by IBM Event Streams and could allow a remote attacker to obtain sensitive information, caused by flaws in modules with ".git" suffix and in the net/http package. By sending specially crafted requests, an attacker can attain these privileges. Vulnerability Details...
CVE-2024-4017
Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit filesystem modules allows DLL Side-Loading. This issue affects U-Series Appliance: from 3.4 before 4.0.3...
CVE-2024-4018
Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit local appliance api modules allows Privilege Escalation. This issue affects U-Series Appliance: from 3.4 before 4.0.3...