AIPAC Discloses Data Breach, Says Hundreds Affected

AIPAC reports data breach after external system access, hundreds affected, investigation ongoing with added security steps...

Pass-Back Attack vulnerability in Konica Minorta bizhub series

Overview Konica Minorta bizhub series provided by Konica Minolta, Inc. contains the following vulnerability. Vulnerability that could allow a Pass-Back Attack CWE-522 - CVE-2025-6081 Konica Minolta, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact...

SAP NetWeaver Process Integration Information Disclosure Vulnerability (CNVD-2024-13560)

SAP NetWeaver Process Integration PI is an SAP enterprise application integration software from SAP, Germany, and is a component of the NetWeaver product group. The component is mainly used for the exchange of information between the internal system and the external. An information disclosure...

SAP NetWeaver Process Integration 信息泄露漏洞

SAP NetWeaver Process Integration PI is an SAP enterprise application integration software from SAP, Germany, and is a component of the NetWeaver product group. The component is mainly used for the exchange of information between the internal system and the external. An information disclosure...

Cross site scripting

A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface...

CVE-2023-6791 PAN-OS: Plaintext Disclosure of External System Integration Credentials

A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface...

PAN-OS: Plaintext Disclosure of External System Integration Credentials

A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface. Work around: This issue...

Palo Alto Networks PAN-OS Security Vulnerability

Palo Alto Networks PAN-OS is a next-generation firewall software from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks PAN-OS that originates from a vulnerability that allows an attacker to obtain plaintext credentials for external system integration e.g. LDAP, etc...

Apache Any23 代码问题漏洞

Apache Any23 is a library, Web service, and command-line tool from the Apache Foundation, USA. It can extract structured data in RDF format from a variety of Web documents.Any23 versions prior to 2.7 contain a code issue vulnerability that could be exploited by an attacker to interfere with an...

Mutare Voice Security Feature Issue Vulnerability

A security signature issue vulnerability exists in Mutare Voice EVM 3.x before 3.3.8, which originates when password information is displayed in plaintext on an external system...

CVE-2020-1362

creationtimestamp| type| source ---|---|--- 2020-07-17 08:37:09+00:00| published-proof-of-concept| https://t.me/orderofsixangles/509 2020-07-17 18:03:12+00:00| published-proof-of-concept| https://t.me/cKure/1318 2020-07-18 00:58:04+00:00| published-proof-of-concept| https://t.me/hybgl/322...

CVE-2019-14456

Opengear console server firmware releases prior to 4.5.0 have a stored XSS vulnerability related to serial port logging. If a malicious user of an external system connected to a serial port on an Opengear console server sends crafted text to a serial port that has logging enabled, the text will b...

Cross site scripting

Opengear console server firmware releases prior to 4.5.0 have a stored XSS vulnerability related to serial port logging. If a malicious user of an external system connected to a serial port on an Opengear console server sends crafted text to a serial port that has logging enabled, the text will b...

CVE-2019-14456

Opengear console server firmware releases prior to 4.5.0 have a stored XSS vulnerability related to serial port logging. If a malicious user of an external system connected to a serial port on an Opengear console server sends crafted text to a serial port that has logging enabled, the text will b...

CVE-2016-8526

Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to an XML external entities XXE. XXEs are a way to permit XML parsers to access storage that exist on external systems. If an unprivileged user is permitted to control the contents of XML files, XXE can be used as an attac...

Atlassian JIRA 'Jira-importers-plugin' Cross-Site Request Forgery Vulnerability

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace.Jira-importers-plugin is one of the plugins used to provide the core functionality of the Atlassian product. A cross-site request...

Cross site request forgery (csrf)

The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allows remote attackers to create new projects and abort an executing external system import via various Cross-site request forgery CSRF vulnerabilities...

Various Cross-site request forgery(CSRF) vulnerabilities in the Jira-importers-plugin - CVE-2017-18033

The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allows remote attackers to create new projects and abort an executing external system import via various Cross-site request forgery CSRF vulnerabilities...

Various Cross-site request forgery(CSRF) vulnerabilities in the Jira-importers-plugin - CVE-2017-18033

The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allows remote attackers to create new projects and abort an executing external system import via various Cross-site request forgery CSRF vulnerabilities...

Xen External X86 System Device Emulation Information Disclosure Vulnerability

Xen is an open source virtual machine. Xen has a security vulnerability that allows a malicious HVM Guest to simulate reading sensitive data from other Guests via an external X86 system setting...