36 matches found
EUVD-2022-45520
Malicious code in bioql PyPI...
EUVD-2023-41390
Malicious code in bioql PyPI...
CVE-2025-0280
A security vulnerability in HCL Compass can allow attacker to gain unauthorized database access...
CVE-2025-0280
A security vulnerability in HCL Compass can allow attacker to gain unauthorized database access...
CVE-2025-0280
CVE-2025-0280 affects HCL Compass. Multiple sources describe a vulnerability that could allow an attacker to gain unauthorized access to the database. The NVD entry lists CVSS 3.1 vectors: Local attack, high impact on confidentiality/integrity/availability, high attack complexity, low privileges ...
CVE-2025-0280 HCL Compass is affected by a security vulnerability
A security vulnerability in HCL Compass can allow attacker to gain unauthorized database access...
CVE-2025-0280 HCL Compass is affected by a security vulnerability
A security vulnerability in HCL Compass can allow attacker to gain unauthorized database access...
HCL Compass 安全漏洞
HCL Compass is a low-code change management software from HCL India. Managing the full range of testing activities and integration with developer tools. HCL Compass suffers from a security vulnerability that stems from could lead to unauthorized access to the database by an attacker...
CVE-2022-42447
HCL Compass is vulnerable to Cross-Origin Resource Sharing CORS. This vulnerability can allow an unprivileged remote attacker to trick a legitimate user into accessing a special resource and executing a malicious request...
CVE-2023-37503
HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the password and gain access to user accounts...
CVE-2023-37503
HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the password and gain access to user accounts...
Default credentials
HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the password and gain access to user accounts...
CVE-2023-37503 A weak password requirements vulnerability affects HCL Compass
HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the password and gain access to user accounts...
CVE-2023-37503
Summary: CVE-2023-37503 affects HCL Compass and describes weak/insecure password requirements that could allow unauthorized access to user accounts. The connected documents consistently reference HCL Compass and the risk of easily guessing passwords, but do not provide concrete attacker vectors, ...
CVE-2023-37503 A weak password requirements vulnerability affects HCL Compass
HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the password and gain access to user accounts...
CVE-2023-37504
HCL Compass is vulnerable to failure to invalidate sessions. The application does not invalidate authenticated sessions when the log out functionality is called. If the session identifier can be discovered, it could be replayed to the application and used to impersonate the user...
Design/Logic Flaw
HCL Compass is vulnerable to failure to invalidate sessions. The application does not invalidate authenticated sessions when the log out functionality is called. If the session identifier can be discovered, it could be replayed to the application and used to impersonate the user...
CVE-2023-37504 An insufficient session expiration vulnerability affects HCL Compass
HCL Compass is vulnerable to failure to invalidate sessions. The application does not invalidate authenticated sessions when the log out functionality is called. If the session identifier can be discovered, it could be replayed to the application and used to impersonate the user...
CVE-2023-37504 An insufficient session expiration vulnerability affects HCL Compass
HCL Compass is vulnerable to failure to invalidate sessions. The application does not invalidate authenticated sessions when the log out functionality is called. If the session identifier can be discovered, it could be replayed to the application and used to impersonate the user...
CVE-2023-37504
The CVE-2023-37504 entry covers HCL Compass failing to invalidate authenticated sessions on logout. If a session ID is discovered, it can be replayed to impersonate the user. Public sources in connected docs corroborate an Access/Session-Expiration issue but do not specify a vendor patch version;...