30 matches found
EUVD-2020-26079
Malware in sbrugna...
EUVD-2009-3871
Malware in sbrugna...
EUVD-2015-5022
Malware in sbrugna...
EUVD-2024-52843
Malicious code in bioql PyPI...
EUVD-2024-52844
Malicious code in bioql PyPI...
CVE-2024-55897
IBM PowerHA SystemMirror for i 7.4 and 7.5 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure...
CVE-2024-55896
IBM PowerHA SystemMirror for i 7.4 and 7.5 contains improper restrictions when rendering content via iFrames. This vulnerability could allow an attacker to gain improper access and perform unauthorized actions on the system...
Security Bulletin: IBM PowerHA SystemMirror for IBM i is vulnerable to multiple vulnerabilities in the PowerHA Web Interface [CVE-2024-55897, CVE-2024-55896]
Summary The IBM PowerHA SystemMirror for IBM i Web Interface is vulnerable to obtaining cookie values CVE-2024-55897 and hijacking the clicking action of users CVE-2024-55896 as described in the vulnerability details section. The PowerHA Web Interface allows easy management of PowerHA operations...
CVE-2024-55897
IBM PowerHA SystemMirror for i 7.4 and 7.5 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure...
CVE-2024-55896
IBM PowerHA SystemMirror for i 7.4 and 7.5 contains improper restrictions when rendering content via iFrames. This vulnerability could allow an attacker to gain improper access and perform unauthorized actions on the system...
CVE-2024-55897 IBM PowerHA SystemMirror for i information disclosure
IBM PowerHA SystemMirror for i 7.4 and 7.5 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure...
CVE-2024-55897 IBM PowerHA SystemMirror for i information disclosure
IBM PowerHA SystemMirror for i 7.4 and 7.5 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure...
CVE-2024-55897
Summary: CVE-2024-55897 affects IBM PowerHA SystemMirror for IBM i versions 7.4 and 7.5. The issue is that authorization tokens and session cookies do not have the Secure attribute set, enabling cookie values to be exposed if a user visits an insecure (HTTP) link or a page with such a link, allow...
CVE-2024-55896
CVE-2024-55896 affects IBM PowerHA SystemMirror for IBM i, versions 7.4 and 7.5. The issue is improper restrictions when rendering content via iFrames, potentially allowing an attacker to gain improper access and perform unauthorized actions on the system. IBM’s bulletin lists fix actions: apply ...
CVE-2024-55896 IBM PowerHA SystemMirror for i clickjacking
IBM PowerHA SystemMirror for i 7.4 and 7.5 contains improper restrictions when rendering content via iFrames. This vulnerability could allow an attacker to gain improper access and perform unauthorized actions on the system...
CVE-2024-55896 IBM PowerHA SystemMirror for i clickjacking
IBM PowerHA SystemMirror for i 7.4 and 7.5 contains improper restrictions when rendering content via iFrames. This vulnerability could allow an attacker to gain improper access and perform unauthorized actions on the system...
PT-2024-36606 · Ibm · Ibm Powerha Systemmirror
Name of the Vulnerable Software and Affected Versions: IBM PowerHA SystemMirror for i versions 7.4 through 7.5 Description: The issue is related to improper restrictions when rendering content via iFrames, which could allow an attacker to gain improper access and perform unauthorized actions on t...
IBM PowerHA Information Disclosure Vulnerability
IBM PowerHA is a U.S. IBM company based on fault detection, failover technology for IT equipment to provide stability energy security equipment. An information disclosure vulnerability exists in IBM PowerHA version 7.2 that allows a local attacker to exploit the vulnerability to obtain sensitive...
CVE-2020-4832
IBM PowerHA 7.2 could allow a local attacker to obtain sensitive information from temporary directories after a discovery failure occurs. IBM X-Force ID: 189969...
Design/Logic Flaw
IBM PowerHA 7.2 could allow a local attacker to obtain sensitive information from temporary directories after a discovery failure occurs. IBM X-Force ID: 189969...