123 matches found
CVE-2023-40262
An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows unauthenticated Stored Cross-Site Scripting XSS in the administration component via Access Request...
CVE-2023-40262
An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows unauthenticated Stored Cross-Site Scripting XSS in the administration component via Access Request...
Cross site scripting
An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows unauthenticated Stored Cross-Site Scripting XSS in the administration component via Access Request...
CVE-2023-40262
An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows unauthenticated Stored Cross-Site Scripting XSS in the administration component via Access Request...
CVE-2023-40262
An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows unauthenticated Stored Cross-Site Scripting XSS in the administration component via Access Request...
CVE-2023-40262
Atos Unify OpenScape Voice Trace Manager V8 before R0.9.11 is affected by an unauthenticated Stored Cross‑Site Scripting (XSS) vulnerability in the administration component via Access Request. Affected product: OpenScape Voice Trace Manager V8 (pre‑R0.9.11). Root cause: stored XSS in the admin in...
CVE-2023-47114 Ethyca Fides HTML Injection Vulnerability in HTML-Formatted DSR Packages
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in your runtime environment, and the enforcement of privacy regulations in your code. The Fides web application allows data subject users to request access to their personal data. If the...
CVE-2023-47114
CVE-2023-47114 affects Fides HTML-formatted Data Subject Request packages. Root cause: lack of input validation for data from connected systems/data stores, enabling HTML injection when a data subject opens the downloaded package (typically HTML files in ZIP) in a browser via file://. Existence o...
CVE-2023-47114 Ethyca Fides HTML Injection Vulnerability in HTML-Formatted DSR Packages
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in your runtime environment, and the enforcement of privacy regulations in your code. The Fides web application allows data subject users to request access to their personal data. If the...
GHSA-3VPF-MCJ7-5H38 Ethyca Fides HTML Injection Vulnerability in HTML-Formatted DSR Packages
Impact The Fides web application allows data subject users to request access to their personal data. If the request is approved by the data controller user operating the Fides web application, the data subject's personal data can then retrieved from connected systems and data stores before being...
Radius authentication failure
According to network trace captured on NetScaler, there is no response from radius server after NetScaler sending Access-Request packet toradius server. This issue occurred suddenly, and the related configuration of radius authentication on NetScaler has not changed...
SUSE CVE-2004-0961
Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service memory exhaustion via a series of Access-Request packets with 1 Ascend-Send-Secret, 2 Ascend-Recv-Secret, or 3 Tunnel-Password attributes...
PT-2023-14304
Name of the Vulnerable Software and Affected Versions Apache Superset versions 1.5.2 and prior Apache Superset version 2.0.0 Description The issue concerns two legacy REST API endpoints for approval and request access that are vulnerable to cross-site request forgery. Recommendations For Apache...
CVE-2022-35646
IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096...
CVE-2022-35646
IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096...
Information disclosure
IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096...
CVE-2022-35646 IBM Security Verify Governance, Identity Manager security bypass
IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096...
CVE-2022-35646 IBM Security Verify Governance, Identity Manager security bypass
IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096...
The vulnerability of the Access Request sub-component of the Oracle iReceivables component in the Oracle E-Business Suite automation system allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Access Request subcomponent of the Oracle iReceivables component in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected informati...
CVE-2022-21568
Vulnerability in the Oracle iReceivables product of Oracle E-Business Suite component: Access Request. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iReceivables. Successfu...