Galaxy Software Services Vitals ESP 信任管理问题漏洞

Galaxy Software Services Vitals ESP is a knowledge management system for office use by Galaxy Software Services China. A trust management issue vulnerability exists in Vitals ESP versions 3.0.8 through 6.2.0, which arises from the use of a hard-coded encryption key that can be exploited by an...

CVE-2023-32476

Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files...

CVE-2023-32476

Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files...

Hardcoded credentials

Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files...

CVE-2023-32476

Dell Hybrid Client v2.0 has a local‑access vulnerability where an unauthenticated attacker can read hard-coded secrets from JavaScript files, causing sensitive data exposure. Affected software: Dell Hybrid Client (version 2.0). Root cause: hard-coded secrets in JavaScript files. Impact: confident...

CVE-2023-32476

Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files...

Juniper Junos OS Vulnerability (JSA11141)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11141 advisory. - This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an attacker to take over...

Dell Hybrid Client 信息泄露漏洞

Dell Hybrid Client is a software application from Dell USA Inc. It provides a client computing software with hybrid cloud management capabilities. An information disclosure vulnerability exists in Dell Hybrid Client version 2.0, which originates from a malicious, unauthenticated user on a device...

PT-2023-23811 · Dell · Dell Hybrid Client

Name of the Vulnerable Software and Affected Versions: Dell Hybrid Client version 2.0 Description: The issue allows an unauthenticated malicious user on the device to access hard-coded secrets in javascript files, resulting in sensitive data exposure. Recommendations: For Dell Hybrid Client versi...

WordPress WordPress Dev Powers – ACF Color Coded Field Types Plugin Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Dev Powers – ACF Color Coded Field Types Plugin Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2f5b5cda205c...

CVE-2023-37275 System logs spoofable in Auto-GPT via ANSI control sequences

Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. The Auto-GPT command line UI makes heavy use of color-coded print statements to signify different types of system messages to the user, including messages that are crucial for the user to...

CVE-2023-37275 System logs spoofable in Auto-GPT via ANSI control sequences

Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. The Auto-GPT command line UI makes heavy use of color-coded print statements to signify different types of system messages to the user, including messages that are crucial for the user to...

CVE-2023-34123

Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...

Hardcoded credentials

Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...

WordPress plugin User Registration 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

SonicWALL Analytics和GMS 加密问题漏洞

SonicWALL Analytics and SonicWALL GMS are both products of SonicWALL, Inc. of the U.S. SonicWALL Analytics is a high-performance management and reporting engine for the Web.SonicWALL GMS is a global management system. A powerful and intuitive solution for organizations, distributed enterprises an...

CVE-2023-34123

CVE-2023-34123 describes a hard-coded cryptographic key vulnerability in SonicWall GMS (versions up to 9.3.2-SP1) and SonicWall Analytics (up to 2.5.0.4-R7). Connected PT-Security advisory notes the issue and recommends upgrading to fixed builds; The THN and NCSC/NV references indicate fixes exis...

CVE-2023-34123

Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...

PT-2023-3991 · Sonicwall · Sonicwall Gms +1

Name of the Vulnerable Software and Affected Versions: SonicWall GMS versions 9.3.2-SP1 and earlier SonicWall Analytics versions 2.5.0.4-R7 and earlier Description: The issue is related to the use of a hard-coded cryptographic key in SonicWall Analytics and SonicWall Global Management System GMS...

SonicWALL GMS和SonicWALL Analytics 信任管理问题漏洞

SonicWALL Analytics and SonicWALL GMS are both products of SonicWALL, Inc. of the U.S. SonicWALL Analytics is a high-performance management and reporting engine for the Web.SonicWALL GMS is a global management system. A powerful and intuitive solution for organizations, distributed enterprises an...