21 matches found
CVE-2025-62345
HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability. A component contains a security weakness in its input handling implementation, increasing the risk of misconfiguration and operational errors...
CVE-2025-62316 HCL AION is affected by a vulnerability where certain security-related HTTP response headers are not properly configured
HCL AION is affected by a vulnerability where certain security-related HTTP response headers are not properly configured. Absence of these headers may reduce the effectiveness of browser-based security controls and could expose the application to limited security risks under specific conditions...
EUVD-2025-209670
HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability. A component contains a security weakness in its input handling implementation, increasing the risk of misconfiguration and operational errors...
CVE-2025-62345
Technical details for CVE-2025-62345 are not publicly provided in the supplied documents; no affected versions, exploit information, or remediation details are included. Monitor for updates.
CVE-2025-62345 HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability
HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability. A component contains a security weakness in its input handling implementation, increasing the risk of misconfiguration and operational errors...
CVE-2022-31119
Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions of Nextcloud mail would log user passwords to disk in the event of a misconfiguration. Should an attacker gain access to the logs complete access to affected accounts would be obtainable. It is...
CVE-2025-66075
Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 4.0.3...
EUVD-2022-3621
Malicious code in bioql PyPI...
EUVD-2023-32571
Malicious code in bioql PyPI...
CVE-2025-34200
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) provision the appliance with the network account credentials in clear-text inside /etc/issue, and the file is world-readable by default. An attacker with local shell access can read /etc/issue to...
PT-2025-38599
Name of the Vulnerable Software and Affected Versions: Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments), affected versions not specified. Description: The Vasion Print Virtual Appliance exposes network account credentials in clear-text within the...
Navigating SEBI’s Cloud Security Requirements: A Guide for Regulated Entities
Overview: Who is impacted: The Securities and Exchange Board of India (SEBI) is the primary regulatory authority for the securities market in India. It was established to protect investor interests and promote market development, but its guidelines also impact cybersecurity professionals at regulat...
CVE-2021-26367
A malicious attacker in x86 can misconfigure the Trusted Memory Regions (TMRs), which may allow the attacker to set an arbitrary address range for the TMR, potentially leading to a loss of integrity and availability...
CVE-2021-27450
SSH server configuration file does not implement some best practices. This could lead to a weakening of the SSH protocol strength, which could lead to additional misconfiguration or be leveraged as part of a larger attack on the MU320E (all firmware versions prior to v04A00.1)...
CVE-2019-20027
Aspire-derived NEC PBXes, including the SV8100, SV9100, SL1100 and SL2100 with software releases 7.0 or higher, contain the possibility, if incorrectly configured, to allow a blank username and password combination to be entered as a valid, successfully authenticating account...
Cloud Transformation Is The Biggest Opportunity To Fix Security
This overview builds on the recent report from Trend Micro Research on cloud-specific security gaps, which can be found here. Don’t be cloud-weary. Hear us out. Recently, a major tipping point was reached in the IT world when more than half of new IT spending was on cloud over non-cloud. So rath...
PT-2019-10198 · Olivier Poitrey · Go Cors Handler
Name of the Vulnerable Software and Affected Versions: Olivier Poitrey Go CORS handler versions 1.3.0 and earlier. Description: The issue arises from the active conversion of a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security desig...
PT-2012-6060 · Mariadb Foundation +2 · Mariadb +2
Name of the Vulnerable Software and Affected Versions: MySQL versions 5.5.19 and possibly other versions; MariaDB versions 5.5.28a and possibly other versions. Description: The issue allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL...