EUVD-2024-39645

Malicious code in bioql PyPI...

EUVD-2024-39607

Malicious code in bioql PyPI...

CVE-2024-42408

The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure...

CVE-2024-42493

Dorsett Controls InfoScan is vulnerable due to a leak of possible sensitive information through the response headers and the rendered JavaScript prior to user login...

Dorsett Controls InfoScan Web Portal Detection

Binary data dorsettcontrolsinfoscanwebdetect.nbin...

Dorsett Controls InfoScan < 1.38 Multiple Vulnerabilities (July 2024)

The version of Dorsett Controls InfoScan running on the remote host is prior to 1.38. It is, therefore, affected by multiple vulnerabilities: - Dorsett Controls Central Server update server has potential information leaks with an unprotected file that contains passwords and API keys. CVE-2024-392...

CVE-2024-42493

Dorsett Controls InfoScan is vulnerable due to a leak of possible sensitive information through the response headers and the rendered JavaScript prior to user login...

CVE-2024-42493

Dorsett Controls InfoScan is vulnerable due to a leak of possible sensitive information through the response headers and the rendered JavaScript prior to user login...

CVE-2024-42408

The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure...

CVE-2024-42408

The CVE-2024-42408 issue affects Dorsett Controls InfoScan (pre-1.38): the InfoScan client download page can be intercepted by a proxy, exposing locally stored filenames and potentially leading to information exposure. Root cause: path traversal in the download page handling allows leakage when a...

CVE-2024-42408 Dorsett Controls InfoScan Path Traversal

The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure...

CVE-2024-42493 Dorsett Controls InfoScan Exposure of Sensitive Information To An Unauthorized Actor

Dorsett Controls InfoScan is vulnerable due to a leak of possible sensitive information through the response headers and the rendered JavaScript prior to user login...

CVE-2024-42493 Dorsett Controls InfoScan Exposure of Sensitive Information To An Unauthorized Actor

Dorsett Controls InfoScan is vulnerable due to a leak of possible sensitive information through the response headers and the rendered JavaScript prior to user login...

CVE-2024-42493

CVE-2024-42493 affects Dorsett Controls InfoScan. The vulnerability is an exposure/leak of sensitive information via response headers and pre-login JavaScript in InfoScan versions prior to 1.38 (notably v1.32/v1.33/v1.35). Red Hat and ICS advisories corroborate exploitation risk and classify the ...

Dorsett Controls InfoScan

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION : Exploitable remotely/low attack complexity Vendor : Dorsett Controls Equipment : InfoScan Vulnerabilities : Exposure of Sensitive Information To An Unauthorized Actor, Path Traversal 2. RISK EVALUATION Successful exploitation of these...

Dorsett Controls InfoScan 信息泄露漏洞

Dorsett Controls InfoScan is an industrial information scanner from Dorsett Controls, USA. An information disclosure vulnerability exists in Dorsett Controls InfoScan versions 1.32, 1.33, and 1.35, which originates from an unprotected file containing passwords and API keys, resulting in an...