4 matches found
CVE-2025-3449 Weak Session Token used in Automation Runtime SDM
A Generation of Predictable Numbers or Identifiers vulnerability in the SDM component of B&R Automation Runtime versions before 6.4 may allow an unauthenticated network-based attacker to take over already established sessions...
PT-2024-28660 · Ibm · Ibm Sterling Connect:Direct Web Services
Name of the Vulnerable Software and Affected Versions: IBM Sterling Connect:Direct Web Services versions 6.0 through 6.3 Description: The issue is caused by the failure to properly enable HTTP Strict Transport Security, allowing a remote attacker to obtain sensitive information using...
de.the-library-code.dspace:addon-duplication-detection-service-jspui (>=6.2.0 <=6.3.1), de.the-library-code.dspace:addon-identifiers-enduring-submission-jspui (=6.3.0) +1 more potentially affected by CVE-2022-31192 via org.dspace:dspace-jspui (>=6.0 <=6.3)
org.dspace:dspace-jspui MAVEN version =6.0, =6.2.0, =6.0, =6.3 Source cves: CVE-2022-31192 Source advisory: OSV:GHSA-4WM8-C2VV-XRPQ...
CVE-2017-3111
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. Sensitive tokens are included in http GET requests under certain circumstances...