Hcl Technologies Inotes 信息泄露漏洞

HCL iNotes is a software from HCL India that allows management of IBM Domino mail, scheduling of errands, and other office activity management. HCL iNotes suffers from a sensitive cookie disclosure vulnerability. An attacker can exploit this vulnerability to capture cookies by intercepting the...

CVE-2020-29380

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. TELNET is offered by default but SSH is not always available. An attacker can intercept passwords sent in cleartext and conduct a...

Design/Logic Flaw

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. TELNET is offered by default but SSH is not always available. An attacker can intercept passwords sent in cleartext and conduct a...

CVE-2020-29380

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. TELNET is offered by default but SSH is not always available. An attacker can intercept passwords sent in cleartext and conduct a...

CVE-2020-29380

The CVE-2020-29380 affects several V-SOL OLT devices (V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 with versions listed) where TELNET is offered by default and SSH is not consistently available. The root issue is cleartext password transmission enabling interception and a man-in-the-middle attack ...

CVE-2020-29055

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. ...

CVE-2020-29055

CVE-2020-29055 affects CDATA devices (multiple models: 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN...

CVE-2020-29055

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. ...

CVE-2020-8583

Element Software versions prior to 12.2 and HCI versions prior to 1.8P1 are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmission within an https session...

Session fixation

Element Software versions prior to 12.2 and HCI versions prior to 1.8P1 are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmission within an https session...

CVE-2020-8583

CVE-2020-8583 affects Element Software before 12.2 and HCI before 1.8P1. The vulnerability allows an attacker to discover sensitive information by intercepting data in an HTTPS session. In the provided documents, the affected versions and the nature of the exposure are stated, with high-impact co...

Medium: ibus

Issue Overview: A flaw was discovered in ibus that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the...

NetApp Netapp E-Series SANtricity OS Controller Software Information Disclosure Vulnerability

NetApp Netapp E-Series SANtricity OS Controller Software is a disk array OS control software from American NetApp. A security vulnerability exists in SANtricity OS Controller Software version 11.50.1 and later versions, which can be exploited by an attacker to discover sensitive information by...

CVE-2020-8577

SANtricity OS Controller Software versions 11.50.1 and higher are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmission within an https session...

CVE-2020-8577

SANtricity OS Controller Software versions 11.50.1 and higher are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmission within an https session...

Apple iOS and Apple iPadOS Data Forgery Issue Vulnerability

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in several Apple products, which can be exploited by an attacker to intercept...

Synology Router Manager Information Disclosure Vulnerability (CNVD-2020-60453)

Synology Router Manager SRM is a software for configuring and managing Synology routers from Synology Inc. of Taiwan, China. A security vulnerability exists in Synology Router Manager SRM versions prior to 1.2.4-8081, which stems from not setting a security flag for a session cookie in an HTTPS...

Synology DiskStation Manager Information Disclosure Vulnerability

Synology DiskStation Manager DSM is a product of Synology Inc. of Taiwan, China DSM, etc. Synology DiskStation Manager is a set of operating systems for use on networked storage servers NAS.HTTPS Hypertext Transfer Protocol Secure, etc. are products of HTTPS, a web-based secure transfer protocol,...

CVE-2020-27650

Synology DiskStation Manager DSM before 6.2.3-25426-2 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session...

CVE-2020-27651

Synology Router Manager SRM before 1.2.4-8081 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session...