43 matches found
CVE-2025-62309
HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to unintended exposure under specific conditions...
EUVD-2025-209850
HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to unintended exposure under specific conditions...
CVE-2025-62309
HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to unintended exposure under specific conditions...
CVE-2025-62309 HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields.
HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to unintended exposure under specific conditions...
PT-2026-40952
HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to unintended exposure under specific conditions...
HCL AION 安全漏洞
HCL AION is an AI lifecycle management platform developed by the Indian company HCL. HCL AION has a security vulnerability, which stems from the use of autocompletion features for certain input fields. This may lead to sensitive information being stored in the browser, potentially causing...
AVTECH Room Alert Cleartext Storage of Sensitive Information (CVE-2024-33470)
When an administrator authenticates with the device and browses the settings pages, the SMTP password is loaded from the device and presented in the DOM in plaintext. When settings are saved, the SMTP credentials are sent back to the device in plain text. This allows an actor with administrative...
CVE-2025-66605
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Since there are input fields on this webpage with the autocomplete attribute enabled, the input content could be saved in the browser the user is using. The affected products and versions are as follows:...
CVE-2025-66605
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Since there are input fields on this webpage with the autocomplete attribute enabled, the input content could be saved in the browser the user is using. The affected products and versions are as follows:...
CVE-2025-66605
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Since there are input fields on this webpage with the autocomplete attribute enabled, the input content could be saved in the browser the user is using. The affected products and versions are as follows:...
CVE-2025-66605
CVE-2025-66605 affects Yokogawa FAST/TOOLS. The flaw arises from input fields on the affected web pages that use autocomplete, allowing input content to be saved in the user’s browser. Affected products/versions: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01–R10.04. The avail...
Tenda W30E security vulnerabilities
The Tenda W30E is a router produced by the Chinese company Tenda. The Tenda W30E V2 and earlier versions have security vulnerabilities. These vulnerabilities stem from the lack of appropriate cache control instructions, which may lead to the storage of credentials in the browser’s local storage...
EUVD-2021-0792
Malware in sbrugna...
CVE-2025-61197
CVE-2025-61197 affects Orban Optimod family (5950, 5950HD, 5750, 5750HD, Trio) with version 1.0.0.33 up to 2.5.26. The root cause is that the application stores user privilege/role information in the client-side browser storage, enabling a remote attacker to escalate privileges. CVSS data in the ...
Orban多款产品 安全漏洞
Orban Optimod 5950 and others are a broadcast audio processor from Orban USA. A security vulnerability exists in various Orban products that stems from an application storing user privilege or role information in the client browser storage, which could lead to elevated privileges. The following...
PT-2025-40897
Name of the Vulnerable Software and Affected Versions Orban Optimod 5950 Orban Optimod 5950HD Orban Optimod 5750 Orban Optimod 5750HD Orban Optimod Trio versions 1.0.0.33 through 2.5.26 Description A flaw exists that allows a remote attacker to escalate privileges. The application stores user...
CVE-2025-61197
An issue in Orban Optimod 5950, Optimod 5950HD, Optimod 5750, Optimod 5750HD, Optimod Trio Optimod version 1.0.0.33 - System version 2.5.26 allows a remote attacker to escalate privileges via the application stores user privilege/role information in client-side browser storage...
EUVD-2025-1489
Malicious code in bioql PyPI...
EUVD-2024-1650
Malicious code in bioql PyPI...
Fides' Admin UI User Password Change Does Not Invalidate Current Session
Summary Admin UI user password changes in Fides do not invalidate active user sessions, creating a vulnerability chaining opportunity where attackers who have obtained session tokens through other attack vectors such as XSS can maintain access even after password reset. This issue is not directly...