34 matches found
EUVD-2023-31741
Malicious code in bioql PyPI...
EUVD-2023-31731
Malicious code in bioql PyPI...
Design/Logic Flaw
Missing or insecure tags in the HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower could allow an attacker to execute a malicious script on the user's browser...
CVE-2023-37523 HCL BigFix OSD Bare Metal Server WebUI is affected by missing or insecure tags
Missing or insecure tags in the HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower could allow an attacker to execute a malicious script on the user's browser...
CVE-2023-37523
CVE-2023-37523 affects HCL BigFix Bare OSD Metal Server WebUI versions 311.19 or lower. The vulnerability arises from missing or insecure tags in the WebUI, which could allow an attacker to execute a malicious script in the user’s browser. Affected component is the WebUI frontend of the Bare OSD ...
CVE-2023-37522
HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower has missing or insecure tags that could allow an attacker to execute a malicious script on the user's browser...
CVE-2023-37521
HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower can sometimes include sensitive information in a query string which could allow an attacker to execute a malicious attack...
Information disclosure
HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower can sometimes include sensitive information in a query string which could allow an attacker to execute a malicious attack...
Design/Logic Flaw
HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower has missing or insecure tags that could allow an attacker to execute a malicious script on the user's browser...
CVE-2023-37522
The CVE-2023-37522 entry concerns HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower, where missing or insecure tags can allow an XSS attacker to run malicious scripts in a user’s browser. Root cause: insecure/missing tags in the WebUI. Impact: could compromise user ...
CVE-2023-37521
CVE-2023-37521 affects HCL BigFix Bare OSD Metal Server WebUI versions 311.19 or lower. The issue is described as the inclusion of sensitive information in a query string, which could allow an attacker to execute a malicious attack. Documented impacts are information disclosure with potential abu...
PT-2024-12627 · HCL · HCL BigFix Bare OSD Metal Server WebUI
Name of the Vulnerable Software and Affected Versions: HCL BigFix Bare OSD Metal Server WebUI versions 311.19 or lower Description: The issue concerns the inclusion of sensitive information in a query string, potentially allowing an attacker to execute a malicious attack. Recommendations: For HCL...
PT-2024-12628 · HCL · HCL BigFix Bare OSD Metal Server WebUI
Name of the Vulnerable Software and Affected Versions: HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower Description: The issue is related to missing or insecure tags in the HCL BigFix Bare OSD Metal Server WebUI, which could allow an attacker to execute a malicious script on the...
PT-2024-12629 · HCL · HCL BigFix Bare OSD Metal Server WebUI
Name of the Vulnerable Software and Affected Versions: HCL BigFix Bare OSD Metal Server WebUI versions 311.19 or lower Description: The issue is related to missing or insecure tags in the HCL BigFix Bare OSD Metal Server WebUI, which could allow an attacker to execute a malicious script on the...
CVE-2023-28016
Host Header Injection vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows an attacker to supply invalid input to cause the OSD Bare Metal Server to perform a redirect to an attacker-controlled domain...
CVE-2023-28006
The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered sufficiently secure...
Design/Logic Flaw
Host Header Injection vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows an attacker to supply invalid input to cause the OSD Bare Metal Server to perform a redirect to an attacker-controlled domain...
CVE-2023-28016
CVE-2023-28016 affects HCL BigFix OSD Bare Metal Server versions 311.12 or lower, via a Host Header Injection vulnerability that enables a redirect to an attacker‑controlled domain. Root cause is improper handling of host header input leading to external redirects. Impact is a user redirection to...