12 matches found
PT-2024-37395 · Hamastar · Hamastar Meetinghub Paperless Meetings
Name of the Vulnerable Software and Affected Versions: Hamastar MeetingHub Paperless Meetings version 2021 Description: A Plaintext Storage of a Password issue in the ebooknote function allows remote attackers to obtain other users' credentials and gain access to the product via an XML file...
IBM i Access Client Solutions v1.1.2 - 1.1.4, v1.1.4.3 - 1.1.9.4 - Remote Credential Theft
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/IBMIACCESSCLIENTREMOTECREDENTIALTHEFTCVE-2024-22318.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.ibm.com Product IBM i Access Client Solutions Versions All...
IBM i Access Client Solutions Remote Credential Theft Vulnerability
IBM i Access Client Solutions ACS versions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 suffer from a remote credential theft vulnerability. + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...
IBM i Access Client Solutions Remote Credential Theft
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/IBMIACCESSCLIENTREMOTECREDENTIALTHEFTCVE-2024-22318.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.ibm.com Product IBM i Access Client Solutions Versions All...
Security Bulletin: IBM i Access Client Solutions is vulnerable to remote credential theft when NTLM is enabled on Windows workstations
Summary IBM i Access Client Solutions ACS is vulnerable to remote credential theft when NT LAN Manager NTLM is enabled on Windows workstations CVE-2024-22318. Since IBM i Access Client solutions allows Universal Naming Convention UNC paths in its configuration files, if a path is modified to poin...
PT-2023-21053 · Synology · Synology Diskstation Manager
Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 7.2-64561 Description: The issue concerns the use of insufficiently random values in the User Management Functionality, allowing remote attackers to obtain user credentials via unspecified...
CVE-2019-4724
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain credentials from a user's browser via incorrect autocomplete settings in New Content Backup page. IBM X-Force ID: 172130...
CVE-2021-22860
EIC e-document system does not perform completed identity verification for sorting and filtering personnel data. The vulnerability allows remote attacker to obtain users’ credential information without logging in the system, and further acquire the privileged permissions and execute arbitrary...
Download: 'Coronavirus Cyber Security for Management' Template for CISOs
The Coronavirus crisis introduces critical operational challenges to business continuity, placing high stress on organizations' management. As a result, CIOs and CISOs face a double challenge on the cyber risk front – apart from the new risks that the mass transfer of employees working remotely...
CVE-2019-19843
Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wpstoolcache...
PT-2018-18717 · Synology · Synology Diskstation Manager
Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 6.1.6-15266 Description: The issue allows remote attackers to steal credentials. Recommendations: For versions prior to 6.1.6-15266, update to version 6.1.6-15266 or later to resolve the issu...
CVE-2007-2149
Stephen Craton aka WiredPHP Chatness 2.5.3 and earlier stores usernames and unencrypted passwords in 1 classes/vars.php and 2 classes/varstuff.php, and recommends 0666 or 0777 permissions for these files, which allows local users to gain privileges by reading the files, and allows remote attacker...