386 matches found
Hitachi Energy Retail Operations and Hitachi Energy Counterparty Settlement and Billing Security Vulnerability
Hitachi Retail Operations and Hitachi Counterparty Settlement and Billing are both products of Hitachi, Japan. Hitachi Retail Operations is the most comprehensive solution for the retail energy market. It provides utility data management, customer contract management, revenue and load forecasting,...
Mozilla Firefox Security Advisory (MFSA2015-130) - Linux
This host is missing a security update for Mozilla Firefox. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
CVE-2020-27181
A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020.015 allows attackers to craft password-reset tokens or decrypt server-side configuration files...
Hardcoded credentials
A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020.015 allows attackers to craft password-reset tokens or decrypt server-side configuration files...
CVE-2020-27181
The CVE-2020-27181 entry concerns the Java applet of konzept-ix PubliXone (before 2020.015) with a hardcoded AES key in CipherUtils.java. This flaw enables attackers to craft password-reset tokens or decrypt server-side configuration files, per the primary description. Connected records corrobora...
CVE-2020-14556
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
Remote Code Execution (RCE)
IcedTea-Web is vulnerable to denial of service (DoS). A flaw was found in the same-origin policy implementation in the IcedTea-Web browser plug-in. A malicious Java applet could use this flaw to open network connections to hosts other than the originating host, violating the same-origin policy...
AxiomSL Axiom Google Web Toolkit module security vulnerability (CNVD-2019-42884)
AxiomSL is a financial institution that provides a corporate strength platform and relevant industry expertise to address key regulatory and risk requirements. A security vulnerability exists in the AxiomSL Axiom java applet module version 9.5.3 and earlier. No detailed vulnerability details are...
AxiomSL Axiom Google Web Toolkit Module Security Vulnerability
AxiomSL is a financial institution that provides a corporate strength platform and relevant industry expertise to address key regulatory and risk requirements. A security vulnerability exists in the AxiomSL Axiom java applet module version 9.5.3 and earlier. No detailed vulnerability details are...
AxiomSL Axiom java applet module security vulnerability
AxiomSL is a financial institution that provides a corporate strength platform and relevant industry expertise to address key regulatory and risk requirements. A security vulnerability exists in the AxiomSL Axiom java applet module version 9.5.3 and earlier. No detailed vulnerability details are...
CVE-2015-5463
AxiomSL's Axiom java applet module used for editing uploaded Excel files and associated Java RMI services 9.5.3 and earlier allows remote attackers to (1) access data of other basic users through arbitrary SQL commands, (2) perform a horizontal and vertical privilege escalation, (3) cause a Denial of...
CVE-2015-5463
CVE-2015-5463 affects AxiomSL’s Axiom java applet module (used for editing uploaded Excel files and related Java RMI services) version 9.5.3 and earlier. The connected documents corroborate multiple dangerous impacts: remote attackers can (1) access data of other basic users via arbitrary SQL com...
Information Disclosure
icedtea-web is vulnerable to information disclosure attacks. The vulnerability exists as the LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary...
Unauthorized Time Zone Modification
IBM Java Runtime Environment shipped as part of Red Hat Network Satellite Server has a vulnerability which affects the time zone information of the application. The vulnerability is possible because java.util.TimeZone fails to prevent an untrusted Java application or applet from changing the time zo...
MS03-011: Flaw in the Microsoft VM could enable system compromise
The Microsoft virtual machine (Microsoft VM) update that was previously listed in this article is no longer available. For more information, visit the following Microsoft Web pages: http://www.microsoft.com/mscorp/java/default.mspx http://support.microsoft.com/gp/lifean12 Technical Update July 17, 200...
Bomgar Remote Support Portal (RSP) Path Traversal
Hey, The Path Traversal vulnerability was found in the component of the Bomgar Remote Support Portal RSP 1. The affected component is a JavaStart.jar applet that is hosted at https://TARGET/api/content/JavaStart.jar on the vulnerable RSP deployments. The JavaStart version 52970 and prior were...
SET v7.7 - The Social-Engineer Toolkit “Blackout”
The Social-Engineer Toolkit (SET) was created and written by the founder of TrustedSec. It is an open-source Python-driven tool aimed at penetration testing around Social-Engineering. SET has been presented at large-scale conferences including Blackhat, DerbyCon, Defcon, and ShmooCon. With over two...