EUVD-2023-45286

Malicious code in bioql PyPI...

Siemens QMS Automotive Security Bypass Vulnerability

Siemens QMS Automotive is a quality management system for the automotive industry from Siemens, Germany. A security bypass vulnerability exists in Siemens QMS Automotive, which stems from the affected application's QMS.Mobile module storing sensitive application data in external, unsecured storag...

CVE-2023-40730

A vulnerability has been identified in QMS Automotive All versions V12.39. The QMS.Mobile module of the affected application lacks sufficient authorization checks. This could allow an attacker to access confidential information, perform administrative functions, or lead to a denial-of-service...

CVE-2023-40732

A vulnerability has been identified in QMS Automotive All versions V12.39. The QMS.Mobile module of the affected application does not invalidate the session token on logout. This could allow an attacker to perform session hijacking attacks...

PT-2023-5189 · Unknown · Qms Automotive

Name of the Vulnerable Software and Affected Versions: QMS Automotive versions prior to V12.39 Description: The issue is related to the QMS.Mobile module of the QMS Automotive software, which does not properly invalidate session tokens upon logout. This could allow an attacker to perform session...