18 matches found
EUVD-2013-3222
Malware in sbrugna...
EUVD-2019-14152
Malware in sbrugna...
EUVD-2022-3457
Malicious code in bioql PyPI...
EUVD-2024-32689
Malicious code in bioql PyPI...
CVE-2013-7292
VASCO IDENTIKEY Authentication Server IAS 3.4.x allows remote authenticated users to bypass Active Directory AD authentication by entering only a DIGIPASS one-time password, instead of the intended combination of this one-time password and a multiple-time AD password...
SolarWinds Access Rights Manager ChangeHumster Exposed Dangerous Method Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ChangeHumster class. The issue results from an exposed dangerous...
CVE-2024-4129 Authentication bypass in Snow License Manager
Improper Authentication vulnerability in Snow Software AB Snow License Manager on Windows allows a networked attacker to perform an Authentication Bypass if Active Directory Authentication is enabled. This issue affects Snow License Manager: from 9.33.2 through 9.34.0...
PT-2024-29348 · Snow · Snow License Manager
Name of the Vulnerable Software and Affected Versions: Snow License Manager versions 9.33.2 through 9.34.0 Description: The issue is related to an Improper Authentication vulnerability that allows a networked attacker to bypass authentication in Snow License Manager on Windows when Active Directo...
CVE-2023-39069
An issue in StrangeBee TheHive v.5.0.8, v.4.1.21 and Cortex v.3.1.6 allows a remote attacker to gain privileges via Active Directory authentication mechanism...
PT-2023-26772 · Strangebee · Thehive
Name of the Vulnerable Software and Affected Versions: StrangeBee TheHive versions 4.1.21 through 5.0.8 Cortex version 3.1.6 Description: An issue in the software allows a remote attacker to gain privileges via the Active Directory authentication mechanism. Recommendations: For StrangeBee TheHive...
JSA10413 - Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS) products - Security Bundle - Authentication & Authorization Issue
Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Authentication & Authorization vulnerability found and fixed through a combination of internal and external proactive security testing: - When using NTLMv1 or NTLMv2 authentication...
Hotfix XS82E002 - For Citrix Hypervisor 8.2
Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2. Information About this Hotfix

Component | Details
---|---
Prerequisite | None
Post-update tasks | Restart the XAPI Toolstack
Content live patchable | No
Baselines for Live Patch | N/A

Revision History|...
IBM QRadar SIEM Spoofing Vulnerability
IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A spoofing...
Desktop Studio Error: "Can't Get License Info"
The license server can be registered with XenDesktop either when XenDesktop is configured, or through the Change license server action on the Licensing node in Desktop Studio. When the administrator specifies the address of the license server, Desktop Studio attempts to discover the License...
Old Printer Vulnerabilities Die Hard
Despite copious warnings and efforts by the security community to harden the defenses of printers, they continue to represent a ripe target for attackers. Just this past summer researchers at Check Point found a vulnerability that allowed an attacker to compromise a multi-function printer with fa...
CVE-2017-14385
An issue was discovered in EMC Data Domain DD OS 5.7 family, versions prior to 5.7.5.6; EMC Data Domain DD OS 6.0 family, versions prior to 6.0.2.9; EMC Data Domain DD OS 6.1 family, versions prior to 6.1.0.21; EMC Data Domain Virtual Edition 2.0 family, all versions; EMC Data Domain Virtual...
Description of the security update for Outlook 2016: September 12, 2017
Summary There is a Microsoft Office update for defense-in-depth updates to help improve security-related features. To learn more about the vulnerability, see Microsoft advisory ADV170015. Note To apply this security update, y...
sysPass 1.0.9 - SQL Injection
Advisory ID: SYSS-2015-031 Product: sysPass Vendor: http://cygnux.org/ Affected Versions: 1.0.9 and below Tested Versions: 1.0.9 Vulnerability Type: SQL Injection CWE-89 Risk Level: High Solution Status: Fixed Vendor...