34 matches found
CVE-2022-42446 HCL Sametime 12.0 and 12.0FP1 anonymous users have directory lookup access
Starting with Sametime 12, anonymous users are enabled by default. After logging in as an anonymous user, one has the ability to browse the User Directory and potentially create chats with internal users...
Intermittent Session Launch Failure with Active/Active StoreFront Server Groups
Users intermittently fail to receive ICA files from StoreFront when trying to launch a new session in the following circumstances all of the below conditions must apply: Multiple active StoreFront server groups are in use, connected by GSLB, configured either for direct access or authentication...
CVE-2021-25643
An issue was discovered in Couchbase Server 5.x and 6.x before 6.5.2 and 6.6.x before 6.6.2. Internal users with administrator privileges, @cbq-engine-cbauth and @index-cbauth, leak credentials in cleartext in the indexer.log file when they make a /listCreateTokens, /listRebalanceTokens, or...
CVE-2020-24680
In S+ Operations and S+ Historian, the passwords of internal users not Windows Users are encrypted but improperly stored in a database...
Design/Logic Flaw
In S+ Operations and S+ Historian, the passwords of internal users not Windows Users are encrypted but improperly stored in a database...
CVE-2020-24680 Improper Credential Storage in Symphony Plus
In S+ Operations and S+ Historian, the passwords of internal users not Windows Users are encrypted but improperly stored in a database...
CVE-2018-15641
Cross-site scripting XSS issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject arbitrary web script in the browser of a victim via crafted calendar event attributes...
CVE-2018-15641
Cross-site scripting XSS issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject arbitrary web script in the browser of a victim via crafted calendar event attributes...
CVE-2018-14862
Incorrect access control in the mail templating system in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows authenticated internal users to delete arbitrary menuitems via a crafted RPC request...
CVE-2018-14862
CVE-2018-14862 affects Odoo, specifically Community 11.0 and earlier and Enterprise 11.0 and earlier. The root cause is an incorrect access control in the mail templating system, which allows authenticated internal users to delete arbitrary menuitems via a crafted RPC request. Documented in multi...
Various Connection Method Behaviours of Mobile Citrix Receiver with StoreFront and NetScaler Gateway
The following scenarios provide an understanding of when to use the StoreFront server FQDN and/or NetScaler Gateway FQDN in an App Controller solution when connecting from a mobile device: Internal Users Connecting to StoreFront Server Scenario 1 – Legacy PNA Site and No Store Available Scenario ...
How to Use Listen Policy to Create Virtual Servers with Same IP and Perform Selective Dual Authentication
You can use the Listen Policy feature of Citrix ADC NetScaler to use the same IP and FQDN and have selective authentication on the basis of the IP range. Example : Single authentication for internal users and dual authentication for external users...
Cannot Reconnect to a Disconnected Session from a Wyse Client
If by any chance any sessions gets disconnected then while trying to reconnect to that session via Wyse terminals the desktop launches properly and the session remains active for only 10-15 sec and then disconnects automatically and this behavior continues. Everything works fine from the FAT...
CheckPoint/Sofaware Firewall - Multiple Vulnerabilities
ProCheckUp Research http://procheckup.com/procheckup-labs/pr11-07.aspx PR11-07 Multiple peristent XSS, XSS, XSRF, offsite redirection and information disclosure flaws within CheckPoint/Sofaware firewalls Vulnerability found: 3rd May 2011 Vendor informed: 20th July 2011 Vulnerability fixed: 16th...