Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager - Invalid Access Control

Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2.0 and 2.1, is affected by a missing access control check vulnerability which could potentially allow a remote unauthenticated attacker to read or change the Local...

CVE-2025-14320

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application allows Reflected XSS. This issue affects Online Support Application: from V3 through 31122025...

CVE-2025-14320

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application allows Reflected XSS. This issue affects Online Support Application: from V3 through 31122025...

CVE-2025-14320

The CVE-2025-14320 entry concerns Tegsoft Management and Information Services Trade Limited Company’s Online Support Application. It describes an improper neutralization of input during web page generation, enabling Reflected XSS. Affected version range is from V3 through 31122025. CVSS 3.1 metri...

CVE-2025-14320

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application allows Reflected XSS. This issue affects Online Support Application: from V3 through 31122025...

CVE-2025-14320 XSS in Tegsoft's Online Support Application

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application allows Reflected XSS. This issue affects Online Support Application: from V3 through 31122025...

CVE-2025-14320 XSS in Tegsoft's Online Support Application

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application allows Reflected XSS. This issue affects Online Support Application: from V3 through 31122025...

EUVD-2025-209611

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application allows Reflected XSS. This issue affects Online Support Application: from V3 through 31122025...

PT-2026-36789

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application allows Reflected XSS. This issue affects Online Support Application: from V3 through 31122025...

Tegsoft Online Support Application 跨站脚本漏洞

Tegsoft Online Support Application is a communication system for customer service and online support provided by the Turkish company Tegsoft. The Tegsoft Online Support Application V3 version through version 31122025 contained a cross-site scripting vulnerability. This vulnerability stemmed from...

eCommerce Customer Service Tips For Online Support: The Basics

Strong eCommerce customer service builds trust, boosts loyalty, and drives sales. Learn key strategies, best practices, and tools to enhance online support...

CVE-2023-39995

Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Portfolio and Projects portfolio-and-projects allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio and Projects: from n/a through = 1.3.7...

CVE-2023-39996

Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Accordion and Accordion Slider accordion-and-accordion-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accordion and Accordion Slider: from n/a through = 1.2.4...

Security Bulletin: IBM Technical Support Appliance - possible degraded performance or excessive CPU usage

Summary Domain Name Service DNS messaging is used to resolve hostnames to IP addresses. Vulnerability Details CVEID:CVE-2024-1737 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an error when content is being added or updated in resolver caches and authoritative zone databas...

Security Bulletin: IBM Technical Support Appliance - possible exposure of sensitive information

Summary RSA-PSK key exchange occurs when establishing a connection from a web browser to the IBM Technical Support Appliance web UI. Vulnerability Details CVEID:CVE-2024-0553 DESCRIPTION: GnuTLS could allow a remote attacker to obtain sensitive information. By perform a timing side-channel attack...

CVE-2022-45818

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WP OnlineSupport, Essential Plugin Hero Banner Ultimate plugin = 1.3.4 versions...

A week in security (October 10 - 16)

Last week on Malwarebytes Labs: Teen talk: What it's like to grow up online, and the role of parents: Lock and Code S03E21 White House unveils Blueprint for an AI Bill of Rights Credential stuffers take aim at Final Fantasy XIV players Meta accuses apps of stealing WhatsApp accounts Smart lights...

Critical Netgear Bug Impacts Flagship Nighthawk Router

Netgear is warning users of a critical remote code execution bug that could allow an unauthenticated attacker to take control of its Wireless AC Router Nighthawk R7800 hardware running firmware versions prior to 1.0.2.68. The warnings, posted Tuesday, also include two high-severity bugs impacting...

Dell Resets All Customers' Passwords After Potential Security Breach

Multinational computer technology company Dell disclosed Wednesday that its online electronics marketplace experienced a "cybersecurity incident" earlier this month when an unknown group of hackers infiltrated its internal network. On November 9, Dell detected and disrupted unauthorized activity ...

Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager Incorrect Access Control Vulnerability

Dell EMC Avamar Server and EMC Integrated Data Protection Appliance are both products of Dell Inc.Dell EMC Avamar Server is a fully virtualized backup and recovery software for servers.EMC Integrated Data Protection Appliance is a disk-based backup and recovery solution. EMC Integrated Data...