4 matches found
mit-university.net Open Redirect vulnerability OBB-4034345
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a TOCTOU Race Condition vulnerability in Apache Tomcat [CVE-2024-56337]
Summary IBM Watson Speech Services Cartridge is vulnerable to a Time-of-check Time-of-use TOCTOU Race Condition vulnerability in Apache Tomcat, caused by JSP compilation on case-insensitive file systems when the default servlet is enabled for writing. CVE-2024-56337. Apache Tomcat is used by our...
SA40006 - Details on fixes for SSL/TLS MITM vulnerability (CVE-2014-0224)
Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. The following products and versions are vulnerable to the OpenSSL vulnerability CVE-2014-0224 The vulnerability exists when both the client AND the server are vulnerable. Server-side:...
OpenSSL 'Heartbleed' Vulnerability
A vulnerability in OpenSSL could allow a remote attacker to expose sensitive data, possibly including user authentication credentials and secret keys, through incorrect memory handling in the TLS heartbeat extension. This may allow an attacker to decrypt traffic or perform other attacks. OpenSSL...