23 matches found
EUVD-2024-28047
HCL DRYiCE AEX product is impacted by Missing Root Detection vulnerability in the mobile application. The mobile app can be installed in the rooted device due to which malicious users can gain unauthorized access to the rooted devices, compromising security and potentially leading to data breache...
EUVD-2024-28045
HCL DRYiCE AEX is impacted by a lack of clickjacking protection in the AEX web application. An attacker can use multiple transparent or opaque layers to trick a user into clicking on a button or link on another page than the one intended...
AEX-NStep: Probabilistic Interrupt Counting Attacks on Intel SGX
To mitigate interrupt-based stepping attacks notably using SGX-Step, Intel introduced AEX-Notify, an ISA extension to Intel SGX that aims to prevent deterministic single-stepping. In this work, we introduce AEX-NStep, the first interrupt counting attack on AEX-Notify-enabled Enclaves. We show tha...
CVE-2024-30135
HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile application when a snapshot is taken...
CVE-2024-30135 Sensitive Information Disclosure vulnerability affects DRYiCE AEX v10
HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile application when a snapshot is taken...
CVE-2024-30135
Technical details about CVE-2024-30135 (impacted product/version, vulnerable component, exploit info) are not publicly provided in the supplied documents. Monitor for updates from the vendors and security advisories.
CVE-2024-30135 Sensitive Information Disclosure vulnerability affects DRYiCE AEX v10
HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile application when a snapshot is taken...
CVE-2024-30111
HCL DRYiCE AEX product is impacted by Missing Root Detection vulnerability in the mobile application. The mobile app can be installed in the rooted device due to which malicious users can gain unauthorized access to the rooted devices, compromising security and potentially leading to data breache...
CVE-2024-30110
HCL DRYiCE AEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which can cause the system to behave in unexpected ways...
CVE-2024-30110
HCL DRYiCE AEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which can cause the system to behave in unexpected ways...
CVE-2024-30111 Missing Root Detection vulnerability affects DRYiCE AEX v10
HCL DRYiCE AEX product is impacted by Missing Root Detection vulnerability in the mobile application. The mobile app can be installed in the rooted device due to which malicious users can gain unauthorized access to the rooted devices, compromising security and potentially leading to data breache...
CVE-2024-30111 Missing Root Detection vulnerability affects DRYiCE AEX v10
HCL DRYiCE AEX product is impacted by Missing Root Detection vulnerability in the mobile application. The mobile app can be installed in the rooted device due to which malicious users can gain unauthorized access to the rooted devices, compromising security and potentially leading to data breache...
CVE-2024-30111
The CVE-2024-30111 entry concerns HCL DRYiCE AEX mobile app with a Missing Root Detection vulnerability. Connected sources (EUVD-2024-28047, NVD/NVD-like records, CVE list) indicate the vulnerability affects DRYiCE AEX v10 and is tied to rooted-device bypass, enabling unauthorized access on roote...
CVE-2024-30110 Lack of input validation vulnerability affects DRYiCE AEX v10
HCL DRYiCE AEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which can cause the system to behave in unexpected ways...
CVE-2024-30110 Lack of input validation vulnerability affects DRYiCE AEX v10
HCL DRYiCE AEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which can cause the system to behave in unexpected ways...
CVE-2024-30109
HCL DRYiCE AEX is impacted by a lack of clickjacking protection in the AEX web application. An attacker can use multiple transparent or opaque layers to trick a user into clicking on a button or link on another page than the one intended...
CVE-2024-30109
HCL DRYiCE AEX is impacted by a lack of clickjacking protection in the AEX web application. An attacker can use multiple transparent or opaque layers to trick a user into clicking on a button or link on another page than the one intended...
CVE-2024-30109
The CVE-2024-30109 entry concerns HCL DRYiCE AEX: the AEX web application lacks clickjacking protection, enabling an attacker to present layered transparent/opaque frames to lure a user into clicking a control on a different page. Affected component: AEX web application. Root cause: missing prote...
CVE-2024-30109 Lack of Clickjacking Protection vulnerability affects DRYiCE AEX v10
HCL DRYiCE AEX is impacted by a lack of clickjacking protection in the AEX web application. An attacker can use multiple transparent or opaque layers to trick a user into clicking on a button or link on another page than the one intended...
CVE-2024-30109 Lack of Clickjacking Protection vulnerability affects DRYiCE AEX v10
HCL DRYiCE AEX is impacted by a lack of clickjacking protection in the AEX web application. An attacker can use multiple transparent or opaque layers to trick a user into clicking on a button or link on another page than the one intended...