EUVD-2023-43603

Malicious code in bioql PyPI...

EUVD-2023-43104

Malicious code in bioql PyPI...

CVE-2024-33620

Absolute path traversal vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, the file contents including sensitive information on the server may be retrieved by an unauthenticated remote attacker...

CVE-2024-34024

CVE-2024-34024 is a vulnerability in ID Link Manager and FUJITSU Software TIME CREATOR where an unauthenticated attacker can determine whether a username is valid due to an observable response discrepancy. Affected products/versions (per sources) include: ID Link Manager II ≤1.8, ID Link Manager ...

CVE-2024-34024

Observable response discrepancy issue exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, an unauthenticated remote attacker may determine if a username is valid or not...

CVE-2024-34024

Observable response discrepancy issue exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, an unauthenticated remote attacker may determine if a username is valid or not...

CVE-2024-33620

Absolute path traversal vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, the file contents including sensitive information on the server may be retrieved by an unauthenticated remote attacker...

CVE-2024-33620

CVE-2024-33620 affects Fujitsu ID Link Manager and FUJITSU Software TIME CREATOR. The issue is a path traversal vulnerability (CWE-36) that may allow an unauthenticated remote attacker to retrieve file contents containing sensitive information on the server. According to JVN, affected products/ve...

CVE-2024-33620

Absolute path traversal vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, the file contents including sensitive information on the server may be retrieved by an unauthenticated remote attacker...

CVE-2024-33622

CVE-2024-33622 affects Fujitsu ID Link Manager and FUJITSU Software TIME CREATOR. The vulnerability is due to Missing authentication for a critical function , allowing a remote authenticated attacker to obtain sensitive information and/or cause unauthorized changes to database contents. Affected ...

JVN#65171386: Multiple vulnerabilities in ID Link Manager and FUJITSU Software TIME CREATOR

ID Link Manager and FUJITSU Software TIME CREATOR provided by Fsas Technologies Inc. contain multiple vulnerabilities listed below. Path Traversal CWE-36 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N Base Score 8.6 CVE-2024-33620 Missing Authentication CWE-306...

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on September 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-255-01 Hitachi Energy Lumada APM Edge ICSA-23-255-02 Fujitsu Software Infrastructu...

Fujitsu Software Infrastructure Manager

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Low attack complexity Vendor: Fujitsu Software Equipment: Infrastructure Manager Vulnerability: Cleartext Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker retrieving...

CVE-2023-39903

An issue was discovered in Fujitsu Software Infrastructure Manager ISM before 2.8.0.061. The ismsnap component in this specific case at /var/log/fujitsu/ServerViewSuite/ism/FirmwareManagement/FirmwareManagement.log allows insecure collection and storage of authorization credentials in cleartext...

Fujitsu Software Infrastructure Manager Security Vulnerability

Fujitsu Software Infrastructure Manager is an infrastructure manager from Fujitsu Japan. A security vulnerability exists in Fujitsu Software Infrastructure Manager prior to version 2.8.0.061, which stems from the ismsnap component collecting and storing authorization credentials in plaintext. A...

CVE-2023-39903

An issue was discovered in Fujitsu Software Infrastructure Manager ISM before 2.8.0.061. The ismsnap component in this specific case at /var/log/fujitsu/ServerViewSuite/ism/FirmwareManagement/FirmwareManagement.log allows insecure collection and storage of authorization credentials in cleartext...

CVE-2023-39379

Fujitsu Software Infrastructure Manager ISM stores sensitive information at the product's maintenance data ismsnap in cleartext form. As a result, the password for the proxy server that is configured in ISM may be retrieved. Affected products and versions are as follows: Fujitsu Software...