8 matches found
CVE-2025-23182
CWE-203: Observable Discrepancy...
Security Bulletin: IBM Sterling B2B Integrator is Vulnerable to Information Disclosure (CVE-2024-45089)
Summary IBM Sterling B2B Integrator has addressed the information disclosure vulnerability Vulnerability Details CVEID:CVE-2024-45089 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition EBICS server could allow an authenticated user to obtain sensitive filename information due to an...
Security Bulletin: IBM Technical Support Appliance - possible exposure of sensitive information
Summary RSA-PSK key exchange occurs when establishing a connection from a web browser to the IBM Technical Support Appliance web UI. Vulnerability Details CVEID:CVE-2024-0553 DESCRIPTION: GnuTLS could allow a remote attacker to obtain sensitive information. By perform a timing side-channel attack...
Security Bulletin: IBM Technical Support Appliance - possible exposure of sensitive information
Summary RSA-PSK key exchange occurs when establishing a connection from a web browser to the IBM Technical Support Appliance web UI. Vulnerability Details CVEID:CVE-2023-5981 DESCRIPTION: GNU GnuTLS could allow a remote attacker to obtain sensitive information, caused by a timing sidechannel issu...
Hitachi Energy RTU500 series
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 series Vulnerabilities: Observable Discrepancy, Buffer Over-read, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...
HealthForYou 1.11.1 / HealthCoach 2.9.2 User Enumeration Vulnerability
User enumeration through API Overview Advisory ID: TRSA-2104-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2104-01 Affected product: HealthForYou & Sanitas HealthCoach mobile and web applications Tested versions: HealthForYou 1.11.1...
Avolve Software ProjectDox Multiple Vulnerability Disclosure
--------------------------------------------------------------------- Product: ProjectDox Vendor: Avolve Software Vulnerable Version: 8.1 Tested Version: 8.1 Vendor Notification: May 30, 2014 Public Disclosure: September 3, 2014 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference:...
Tyler Technologies TaxWeb 3.13.3.1 contains multiple vulnerabilities
Overview Tyler Technologies TaxWeb 3.13.3.1 and possibly earlier versions contain cross-site request forgery CWE-352, information exposure CWE-203, and reflected cross-site scripting CWE-79 vulnerabilities. Description CWE-352: Cross-Site Request Forgery CSRF - CVE-2013-6018TaxWeb 3.13.3.1...