4200 matches found
Supportability - Remote Support on Android Devices with Samsung Knox
Remote Support on Android Devices is only supported with Samsung Knox. There are two types of remote support one can enable for a Samsung Knox device: Basic Support: This allows us to view diagnostic information about the device, for example system information, processes that are running, task...
WordPress WPJAM Basic plugin <= 6.6.1.2 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin WPJAM Basic versions <= 6.6.1.2...
WordPress WPJAM Basic Plugin <= 6.6.2 is vulnerable to Backdoor
Software: WPJAM Basic; Type: Plugin; Vulnerable versions: <= 6.6.2; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Backdoor; CVE: N/A; Patch priority: Low; CVSS severity: Low 5.3; Developer: Denishua; PSID: 1065bbb5d5e9; Credits: Sansec.io; Required privilege: Unauthenticated; Published: 3 July, 2024...
CVE-2023-41926
The webserver utilizes basic authentication for its user login to the configuration interface. As encryption is disabled on port 80, it enables potential eavesdropping on user traffic, making it possible to intercept their credentials...
CVE-2023-41926 Insufficiently protected credentials in Kiloview P1/P2 devices
The webserver utilizes basic authentication for its user login to the configuration interface. As encryption is disabled on port 80, it enables potential eavesdropping on user traffic, making it possible to intercept their credentials...
CVE-2023-41926
CVE-2023-41926 affects Kiloview P1/P2 devices with a web server that uses basic authentication over HTTP (port 80). Lack of encryption allows eavesdropping of credentials and potentially unauthorized access to the configuration interface. The CVSSv3.1 vector indicates network access, low attack c...
CVE-2023-41926 Insufficiently protected credentials in Kiloview P1/P2 devices
The webserver utilizes basic authentication for its user login to the configuration interface. As encryption is disabled on port 80, it enables potential eavesdropping on user traffic, making it possible to intercept their credentials...
PT-2024-13015 · Kiloview · P1/P2 +2
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned Description: The issue concerns the use of basic authentication for user login to the configuration interface of a webserver. Since encryption is disabled on port 80, this setup allows potential...
CVE-2024-6403
A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12. Affected by this issue is the function formWifiBasicSet of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched...
SUSE CVE-2024-6104
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7...
GO-2024-2947 Leak of sensitive information to log files in github.com/hashicorp/go-retryablehttp
URLs were not sanitized when writing them to log files. This could lead to writing sensitive HTTP basic auth credentials to the log file...
Malicious code in acpc-poker-basic_proxy (RubyGems)
CVE-2024-6104
A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information. Mitigation Mitigation for this issue is either not available or the currently...
AZL-42904 CVE-2024-6104 affecting package keda for versions less than 2.14.0-2
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7...
AZL-42922 CVE-2024-6104 affecting package rook for versions less than 1.6.2-21
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7...
CVE-2024-6104
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7...
AZL-42898 CVE-2024-6104 affecting package prometheus for versions less than 2.45.4-3
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7...
AZL-42936 CVE-2024-6104 affecting package influxdb for versions less than 2.6.1-15
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7...
AZL-42874 CVE-2024-6104 affecting package packer for versions less than 1.9.5-2
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7...
AZL-42942 CVE-2024-6104 affecting package keda for versions less than 2.4.0-22
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7...