16589 matches found
PT-2024-5914 · Cisco · Cisco Smart License Utility
Name of the Vulnerable Software and Affected Versions: Cisco Smart Licensing Utility affected versions not specified Description: A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to excessiv...
Security Bulletin: Vulnerabilities in Golang Go affect watsonx.data
Summary Golang Go has multiple vulnerabilities that include HTTP request smuggling, remote attacks to obtain sensitive information, denial of service, and unspecified errors with return an incorrect results. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-1705 DESCRIPTION:...
Security Bulletin: Vulnerabilities in Netty affect watsonx.data
Summary Netty is vulnerable to HTTP request smuggling, to remote attacks causing weaker than expected security, and to denial of service attacks. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2019-16869 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw...
CVE-2024-45588
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1P160 due to improper access controls on APIs in the Preference module of the application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which could lea...
CVE-2024-45586
This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1P160. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which coul...
CVE-2024-45586
This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1P160. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which coul...
CVE-2024-45588
The CVE-2024-45588 entry describes a vulnerability in Symphony XTS Web Trading platform, version 2.0.0.1_P160, caused by improper access controls in the APIs of the Preference module. An authenticated remote attacker can manipulate HTTP parameters to access and modify sensitive information belong...
CVE-2024-45588 Information Disclosure Vulnerability
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1P160 due to improper access controls on APIs in the Preference module of the application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which could lea...
CVE-2024-45587 Unauthorized Modification Vulnerability
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1P160 due to improper access controls on APIs in the Transaction module of vulnerable application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which...
CVE-2024-45587 Unauthorized Modification Vulnerability
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1P160 due to improper access controls on APIs in the Transaction module of vulnerable application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which...
CVE-2024-45587
The CVE-2024-45587 issue affects Symphony XTS Web Trading platform 2.0.0.1_P160, arising from improper access controls in the APIs of the Transaction module. An authenticated remote attacker could manipulate parameters via HTTP requests to compromise other user accounts. The vulnerability is docu...
CVE-2024-45586 Account Take Over Vulnerability
This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1P160. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which coul...
CVE-2024-45586 Account Take Over Vulnerability
This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1P160. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which coul...
CVE-2024-45586
CVE-2024-45586 affects Symphony XTS Web Trading and Mobile Trading platforms, version 2.0.0.1_P160. The root cause is improper access controls in the Authentication module’s APIs. An authenticated, remote attacker can manipulate HTTP request parameters to perform an unauthorized account takeover ...
CVE-2024-5412
A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50ABOM.8C0 could allow an unauthenticated attacker to cause denial of service DoS conditions by sending a crafted HTTP request to a vulnerable device...
CVE-2024-6343
A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50W series firmware versions from V4.16 through V5.38, and USG20W-VPN series firmware versions from V4.16 through...
CVE-2024-6343
A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50W series firmware versions from V4.16 through V5.38, and USG20W-VPN series firmware versions from V4.16 through...
CVE-2024-5412
A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50ABOM.8C0 could allow an unauthenticated attacker to cause denial of service DoS conditions by sending a crafted HTTP request to a vulnerable device...
CVE-2024-5412
A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50ABOM.8C0 could allow an unauthenticated attacker to cause denial of service DoS conditions by sending a crafted HTTP request to a vulnerable device...
CVE-2024-5412
CVE-2024-5412 affects Zyxel VMG8825-T50K firmware 5.50(ABOM.8)C0, where a buffer overflow in the libclinkc library could allow an unauthenticated attacker to cause DoS by sending a crafted HTTP request. Connected sources confirm the component and impact; exploitation status is not detailed. Some ...