1938 matches found
CVE-2020-13116
Affected product: OpenText Carbonite Server Backup Portal. Vulnerability: Cross‑Site Scripting (XSS) via policy creation. Root cause: failure to adequately filter user input at policy creation. Impact: authenticated attacker can inject JavaScript into a client browser (arbitrary code execution in...
Opentext Carbonite 跨站脚本漏洞
OpenText develops and markets Enterprise Information Management EIM software. A cross-site scripting vulnerability exists in OpenText Carbonite Server Backup Portal 8.8.7 and earlier versions, which originates from a failure to effectively filter user input at policy creation, allowing an...
OpenText Webroot endpoint agents elevation of privilege vulnerability
OpenText Webroot endpoint agents is an endpoint security protection agent program from OpenText Canada. A security vulnerability exists in versions prior to OpenText Webroot endpoint agents v9.0.28.48, which stems from the program's failure to protect the "%PROGRAMDATA%\WrData\PKG" directory from...
OpenText Webroot endpoint agents type confusion vulnerability
OpenText Webroot endpoint agents is an endpoint security protection agent program from OpenText Canada. A type confusion vulnerability exists in versions prior to OpenText Webroot endpoint agents v9.0.28.48. The vulnerability stems from the system failing to properly check the type of input. An...
OpenText FirstClass Detection (HTTP)
HTTP based detection of OpenText FirstClass. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OpenText FirstClass Detection (SMTP)
SMTP based detection of OpenText FirstClass. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OpenText FirstClass Detection (FTP)
FTP based detection of OpenText FirstClass. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OpenText FirstClass Detection (IMAP)
IMAP based detection of OpenText FirstClass. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OpenText FirstClass Detection Consolidation
Consolidation of OpenText FirstClass detections. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
‘Wildly Different’ Privacy Regulations Causing Compliance Chaos
From the General Data Protection Regulations GDPR to the California Consumer Privacy Act CCPA, the security landscape is becoming increasingly fraught with regulatory efforts. While privacy regulation has positive implications for data security, companies are finding themselves struggling to stay...
ENFUSE 2019: Security Regulations, Insider Threats, and IoT Privacy Risks
LAS VEGAS – From insider threats, Internet of Things insecurity, to medical device hacking, ENFUSE 2019 broke down the top privacy and security issues help desks are seeing today. It also tackle what regulatory efforts are being developed to address those threats. Threatpost editor Lindsey...
CVE-2019-12270
OpenText Brava! Enterprise and Brava! Server 7.5 through 16.4 configure excessive permissions by default on Windows. During installation, a displaylistcache file share is created on the Windows server with full read and write permissions for the Everyone group at both the NTFS and Share levels. T...
Design/Logic Flaw
OpenText Brava! Enterprise and Brava! Server 7.5 through 16.4 configure excessive permissions by default on Windows. During installation, a displaylistcache file share is created on the Windows server with full read and write permissions for the Everyone group at both the NTFS and Share levels. T...
CVE-2019-12270
OpenText Brava! Enterprise and Brava! Server 7.5 through 16.4 configure excessive permissions by default on Windows. During installation, a displaylistcache file share is created on the Windows server with full read and write permissions for the Everyone group at both the NTFS and Share levels. T...
CVE-2019-12270
OpenText Brava! Enterprise and Brava! Server 7.5 through 16.4 configure excessive permissions by default on Windows. During installation, a displaylistcache file share is created on the Windows server with full read and write permissions for the Everyone group at both the NTFS and Share levels. T...
CVE-2019-12270
OpenText Brava! Enterprise and Brava! Server versions 7.5–16.4 on Windows configure excessive permissions by default: a displaylistcache file share is created with full read/write access for Everyone at both NTFS and Share levels. The share is used to retrieve documents for processing and to stor...
OpenText Portal Cross-Site Scripting Vulnerability
OpenText Portal is a set of enterprise portal system from OpenText Canada. The system provides content aggregation and content management capabilities for enterprises. A cross-site scripting vulnerability exists in OpenText Portal version 7.4.4, which stems from a lack of proper validation of...
CVE-2018-20165
Cross-site scripting XSS vulnerability in OpenText Portal 7.4.4 allows remote attackers to inject arbitrary web script or HTML via the vgnextoid parameter to a menuitem URI...
CVE-2018-20165
Cross-site scripting XSS vulnerability in OpenText Portal 7.4.4 allows remote attackers to inject arbitrary web script or HTML via the vgnextoid parameter to a menuitem URI...
Cross site scripting
Cross-site scripting XSS vulnerability in OpenText Portal 7.4.4 allows remote attackers to inject arbitrary web script or HTML via the vgnextoid parameter to a menuitem URI...