662 matches found
CVE-2023-45716 HCL Sametime is impacted by a sensitive information disclosure
Sametime is impacted by sensitive information passed in URL...
CVE-2023-50349
Sametime is impacted by a Cross Site Request Forgery CSRF vulnerability. Some REST APIs in the Sametime Proxy application can allow an attacker to perform malicious actions on the application...
CVE-2023-50349
Sametime is impacted by a Cross Site Request Forgery CSRF vulnerability. Some REST APIs in the Sametime Proxy application can allow an attacker to perform malicious actions on the application...
Cross site request forgery (csrf)
Sametime is impacted by a Cross Site Request Forgery CSRF vulnerability. Some REST APIs in the Sametime Proxy application can allow an attacker to perform malicious actions on the application...
CVE-2023-50349 HCL Sametime is impacted by a Cross Site Request Forgery (CSRF) vulnerability
Sametime is impacted by a Cross Site Request Forgery CSRF vulnerability. Some REST APIs in the Sametime Proxy application can allow an attacker to perform malicious actions on the application...
CVE-2023-50349
CVE-2023-50349 affects HCL Sametime, specifically REST APIs in the Sametime Proxy, where a CSRF vulnerability can allow an attacker to perform malicious actions. The entry is supported by NVD data showing a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating high impact ...
CVE-2023-50349 HCL Sametime is impacted by a Cross Site Request Forgery (CSRF) vulnerability
Sametime is impacted by a Cross Site Request Forgery CSRF vulnerability. Some REST APIs in the Sametime Proxy application can allow an attacker to perform malicious actions on the application...
PT-2024-13276 · Ibm · Sametime
Name of the Vulnerable Software and Affected Versions: Sametime affected versions not specified Description: The issue is related to a failure to invalidate sessions in Sametime. Sensitive cookie values are set in a persistent manner in Sametime Web clients, allowing these values to remain valid...
HCL Sametime Security Vulnerability
HCL Technologies HCL Sametime is a conferencing solution from HCL Technologies, USA. A security vulnerability exists in HCL Sametime. An attacker can exploit the vulnerability to obtain sensitive information...
HCL Sametime Authorization Issues Vulnerability
HCL Technologies HCL Sametime is a conferencing solution from HCL Technologies, USA. A security vulnerability exists in HCL Sametime that stems from the inability to disable a session...
HCL Sametime Cross-Site Request Forgery Vulnerability
HCL Technologies HCL Sametime is a conferencing solution from HCL Technologies, USA. A cross-site request forgery vulnerability exists in HCL Sametime. An attacker could exploit this vulnerability to perform a cross-site request forgery attack...
PT-2024-13919 · Ibm · Sametime
Name of the Vulnerable Software and Affected Versions: Sametime affected versions not specified Description: The issue is related to a Cross Site Request Forgery CSRF vulnerability. Some REST APIs in the Sametime Proxy application can allow an attacker to perform malicious actions on the...
PT-2024-2332 · Hcl · Hcl Sametime Chat/Meetings
Name of the Vulnerable Software and Affected Versions: HCL Sametime Chat and Meetings affected versions not specified Description: The issue is related to the lack of protection for sensitive data in the HCL Sametime Chat and Meetings software. It is mentioned that sensitive fields have...
PT-2024-13270 · Microsoft +1 · Outlook +1
Name of the Vulnerable Software and Affected Versions: Sametime affected versions not specified Description: The issue is related to a lack of clickjacking protection in the Outlook add-in. The application does not implement appropriate protections to safeguard users against clickjacking attacks...
PT-2024-13275 · Ibm · Ibm Sametime
Name of the Vulnerable Software and Affected Versions: IBM Sametime affected versions not specified Description: The issue concerns sensitive information being passed in URLs, potentially exposing it. Recommendations: At the moment, there is no information about a newer version that contains a fi...
SUSE CVE-2009-1375
The PurpleCircBuffer implementation in Pidgin formerly Gaim before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service memory corruption and application crash via vectors involving the 1 XMPP or 2 Sametime protocol...
SUSE CVE-2013-0273
sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service application crash via a crafted packet...
CVE-2022-42446
Starting with Sametime 12, anonymous users are enabled by default. After logging in as an anonymous user, one has the ability to browse the User Directory and potentially create chats with internal users...
Default credentials
Starting with Sametime 12, anonymous users are enabled by default. After logging in as an anonymous user, one has the ability to browse the User Directory and potentially create chats with internal users...
HCL Technologies HCL Sametime 安全漏洞
HCL Technologies HCL Sametime is a conferencing solution from HCL Technologies, USA. A security vulnerability exists in HCL Technologies HCL Sametime 12 that stems from an anonymous user logging in and being able to browse the user directory and potentially create chats with internal users...