EUVD-2023-31741

Malicious code in bioql PyPI...

CVE-2023-37523 HCL BigFix OSD Bare Metal Server WebUI is affected by missing or insecure tags

Missing or insecure tags in the HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower could allow an attacker to execute a malicious script on the user's browser...

CVE-2023-37522 HCL BigFix OSD Bare Metal Server WebUI is affected by missing or insecure tags

HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower has missing or insecure tags that could allow an attacker to execute a malicious script on the user's browser...

CVE-2023-37522 HCL BigFix OSD Bare Metal Server WebUI is affected by missing or insecure tags

HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower has missing or insecure tags that could allow an attacker to execute a malicious script on the user's browser...

HCL Technologies BigFix OSD Security Vulnerability

HCL Technologies BigFix OSD is part of a lifecycle management software from HCL Technologies, Inc. It is used for the deployment of operating systems. A security vulnerability exists in HCL Technologies BigFix Bare OSD Metal Server WebUI 311.19 and prior versions, which stems from the inclusion o...

CVE-2023-28006

The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered sufficiently secure...

CVE-2023-28006

The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered sufficiently secure...

CVE-2023-28016

Host Header Injection vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to supply invalid input to cause the OSD Bare Metal Server to perform a redirect to an attacker-controlled domain...

Design/Logic Flaw

Host Header Injection vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to supply invalid input to cause the OSD Bare Metal Server to perform a redirect to an attacker-controlled domain...

CVE-2023-28016 HCL BigFix OSD Bare Metal Server is affected by a host header injection vulnerability

Host Header Injection vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to supply invalid input to cause the OSD Bare Metal Server to perform a redirect to an attacker-controlled domain...

CVE-2023-28016

CVE-2023-28016 affects HCL BigFix OSD Bare Metal Server versions 311.12 or lower, via a Host Header Injection vulnerability that enables a redirect to an attacker‑controlled domain. Root cause is improper handling of host header input leading to external redirects. Impact is a user redirection to...

CVE-2023-28016 HCL BigFix OSD Bare Metal Server is affected by a host header injection vulnerability

Host Header Injection vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to supply invalid input to cause the OSD Bare Metal Server to perform a redirect to an attacker-controlled domain...

CVE-2023-28006 HCL BigFix OSD Bare Metal Server is affected by a weak cryptographic algorithm.

The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered sufficiently secure...

CVE-2023-23343 HCL BigFix OSD Bare Metal Server version 311.12 or lower is affected by a clickjacking vulnerability.

A clickjacking vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to use transparent or opaque layers to trick a user into clicking on a button or link on another page to perform a redirect to an attacker-controlled domain...

PT-2023-21474 · Unknown · Osd Bare Metal Server

Name of the Vulnerable Software and Affected Versions: OSD Bare Metal Server affected versions not specified Description: The issue concerns the use of a cryptographic algorithm in the OSD Bare Metal Server that is no longer considered sufficiently secure. Recommendations: At the moment, there is...

PT-2023-21482 · Hcl · Hcl Bigfix Osd Bare Metal Server

Name of the Vulnerable Software and Affected Versions: HCL BigFix OSD Bare Metal Server versions 311.12 or lower Description: The issue allows an attacker to supply invalid input, causing the server to perform a redirect to an attacker-controlled domain. This is achieved through a Host Header...