Dell PowerProtect Data Domain（Dell PowerProtect DD） 安全漏洞

Dell PowerProtect Data Domain Dell PowerProtect DD is a set of hardware devices developed by the American company Dell, used for data protection, backup, storage, and de-duplication. There is a security vulnerability in Dell PowerProtect Data Domain Dell PowerProtect DD, which stems from improper...

EUVD-2023-2006

Malicious code in bioql PyPI...

CVE-2023-32263

A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability could be exploited to retrieve a login certificate if an authenticated user is duped into using an attacker-controlled Dimensions CM server. This vulnerability only applies when th...

CVE-2021-42791

An issue was discovered in VeridiumID VeridiumAD 2.5.3.0. The HTTP request to trigger push notifications for VeridiumAD enrolled users does not enforce proper access control. A user can trigger push notifications for any other user. The text contained in the push notification can also be modified...

Information Disclosure

org.jenkins-ci.plugins:dimensionsscm is vulnerable to Information Disclosure. A remote authenticated attacker is able to retrieve a login certificate of a victim via tricking them into using an attacker-controlled Dimensions CM server, resulting in disclosure of sensitive information...

CVE-2023-32263

A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability could be exploited to retrieve a login certificate if an authenticated user is duped into using an attacker-controlled Dimensions CM server. This vulnerability only applies when th...

Code injection

A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability could be exploited to retrieve a login certificate if an authenticated user is duped into using an attacker-controlled Dimensions CM server. This vulnerability only applies when th...

CVE-2023-32263 Dimensions CM Plugin for Jenkins 0.8.17 – 0.9.3

A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability could be exploited to retrieve a login certificate if an authenticated user is duped into using an attacker-controlled Dimensions CM server. This vulnerability only applies when th...

CVE-2023-32263

Technical details about CVE-2023-32263 are not publicly available in the supplied documents. Monitor for updates from vendors and security advisories.

CVE-2023-32263 Dimensions CM Plugin for Jenkins 0.8.17 – 0.9.3

A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability could be exploited to retrieve a login certificate if an authenticated user is duped into using an attacker-controlled Dimensions CM server. This vulnerability only applies when th...

Trend Micro Mobile Security for iOS Man-in-the-Middle Attack Vulnerability

Trend Micro Mobile Security for iOS is a set of iOS-based mobile security software from Trend Micro that integrates mobile security scanning, real-time protection against malicious programs and monitoring of malicious behavior. A man-in-the-middle attack vulnerability exists in versions prior to...

WPS Office Man-in-the-Middle Attack Vulnerability in Android Version

WPS Office is an office software suite developed independently by Kingsoft Corporation. There is a man-in-the-middle attack vulnerability in WPS Office for Android, where the software does not verify the validity of the TLS certificate when submitting a login request, which can lead to a...