26 matches found
EUVD-2023-35502
Malicious code in bioql PyPI...
EUVD-2023-36476
Malicious code in bioql PyPI...
EUVD-2023-35503
Malicious code in bioql PyPI...
CVE-2023-32218
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-601: URL Redirection to Untrusted Site 'Open Redirect'...
CVE-2023-31186
Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy...
CVE-2023-32218
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-601: URL Redirection to Untrusted Site 'Open Redirect'...
CVE-2023-31187
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials...
CVE-2023-31187
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials...
Code injection
Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy...
Open redirect
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-601: URL Redirection to Untrusted Site 'Open Redirect'...
Design/Logic Flaw
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials...
Avaya IX Workforce Engagement 安全漏洞
Avaya IX Workforce Engagement is an employee workflow management system from Avaya USA. A security vulnerability exists in Avaya IX Workforce Engagement version v15.2.7.1195 that stems from insufficient credential protection...
PT-2023-23214 · Avaya · Avaya Ix Workforce Engagement
Name of the Vulnerable Software and Affected Versions: Avaya IX Workforce Engagement version 15.2.7.1195 Description: The issue is related to insufficiently protected credentials, which could potentially lead to unauthorized access. Recommendations: For Avaya IX Workforce Engagement version...
Avaya IX Workforce Engagement 安全漏洞
Avaya IX Workforce Engagement is an employee workflow management system from Avaya USA. A security vulnerability exists in Avaya IX Workforce Engagement version v15.2.7.1195. An attacker could exploit the vulnerability to enumerate users...
CVE-2023-31186 Avaya IX Workforce Engagement - User Enumeration - CWE-204: Observable Response Discrepancy
Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy...
CVE-2023-31187
CVE-2023-31187 affects Avaya IX Workforce Engagement v15.2.7.1195. The underlying issue is CWE-522: Insufficiently Protected Credentials, leading to potential exposure of sensitive data. According to the sources, the vulnerability has a network attack vector with low complexity and low privileges...
CVE-2023-31187 Avaya IX Workforce Engagement - CWE-522: Insufficiently Protected Credentials
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials...
CVE-2023-32218 Avaya IX Workforce Engagement - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-601: URL Redirection to Untrusted Site 'Open Redirect'...
CVE-2023-31186
CVE-2023-31186 affects Avaya IX Workforce Engagement, specifically version 15.2.7.1195, where a user enumeration vulnerability is described as an observable response discrepancy. The connected documents (e.g., CNNVD-202305-2542 and NVD entry) corroborate that an attacker could enumerate users via...
Avaya IX Workforce Engagement 输入验证错误漏洞
Avaya IX Workforce Engagement is an employee workflow management system from Avaya USA. A security vulnerability exists in Avaya IX Workforce Engagement version v15.2.7.1195 that originates from URL redirection to an untrusted site...