63 matches found
CVE-2024-30132
HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors...
CVE-2024-30132 Missing default HTTP security headers affect HCL Nomad server on Domino
HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors...
CVE-2024-30132 Missing default HTTP security headers affect HCL Nomad server on Domino
HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors...
CVE-2024-41907
A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V2.0. The affected application is missing general HTTP security headers in the web server. This could allow an attacker to make the servers more prone to clickjacking attack...
CVE-2024-41907
A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V2.0. The affected application is missing general HTTP security headers in the web server. This could allow an attacker to make the servers more prone to clickjacking attack...
CVE-2024-41907
The CVE-2024-41907 issue affects Siemens SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) versions prior to 2.0. The root cause described across sources is the web server’s lack of general HTTP security headers, enabling higher likelihood of clickjacking. Red Hat and CNVD entries corroborate the same ...
Malicious code in Be.Vlaandereո.Basisregisters.AspNetCore.Mvc.Middlewаre.AddHttpSeсurityHeаders (NuGet)
--- -= Per source details. Do not edit below this line.=-...
CVE-2023-4958 Stackrox: missing http security headers allows for clickjacking in web ui
In Red Hat Advanced Cluster Security RHACS, it was found that some security related HTTP headers were missing, allowing an attacker to exploit this with a clickjacking attack. An attacker could exploit this by convincing a valid RHACS user to visit an attacker-controlled web page, that deceptivel...
PT-2023-28153
Name of the Vulnerable Software and Affected Versions Home Assistant versions prior to 2023.9.0 Description The issue concerns the omission of HTTP security headers, including the X-Frame-Options header, in Home Assistant server. This omission facilitates covert clickjacking attacks and other...
Moderate: Red Hat Security Advisory: Red Hat Data Grid 8.4.2 security update
An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
CVE-2022-27219
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. Affected application is missing general HTTP security headers in the web server configured on port 443. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks a...
CVE-2022-27220
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. Affected application is missing general HTTP security headers in the web server configured on port 6220. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks...
CVE-2022-27219
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. Affected application is missing general HTTP security headers in the web server configured on port 443. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks a...
Code injection
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. Affected application is missing general HTTP security headers in the web server configured on port 6220. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks...
CVE-2022-27220
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. Affected application is missing general HTTP security headers in the web server configured on port 6220. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks...
CVE-2022-27219
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. Affected application is missing general HTTP security headers in the web server configured on port 443. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks a...
QNAP QTS / QuTS hero Insufficient HTTP Security Headers (QSA-21-03)
The version of QNAP QTS or QuTS hero on the remote host is affected by a vulnerability involving insufficient HTTP security headers. This vulnerability allows remote attackers to launch privacy and security attacks. Note that Nessus has not tested for this issue but has instead relied only on the...
CVE-2021-43195
In JetBrains TeamCity before 2021.1.2, some HTTP security headers were missing...
Security feature bypass
In JetBrains TeamCity before 2021.1.2, some HTTP security headers were missing...
JetBrains Security Bulletin Q3 2021
JetBrains Security JetBrains Security Bulletin Q3 2021 Robert Demmer In the third quarter of 2021, we resolved a number of security issues in our products. Here’s a summary report that contains a description of each issue and the version in which it was resolved. Product | Description | Severity ...