16 matches found
EUVD-2021-14526
Malware in sbrugna...
EUVD-2023-41419
Malicious code in bioql PyPI...
Infinispan caches credentials in clear text
A flaw was found in Infinispan. When serializing the configuration for a cache to XML/JSON/YAML, which contains credentials (JDBC store with connection pooling, remote store), the credentials are returned in clear text as part of the configuration...
CVE-2023-5384
A flaw was found in Infinispan. When serializing the configuration for a cache to XML/JSON/YAML, which contains credentials (JDBC store with connection pooling, remote store), the credentials are returned in clear text as part of the configuration...
CVE-2023-5384 Infinispan: credentials returned from configuration as clear text
A flaw was found in Infinispan. When serializing the configuration for a cache to XML/JSON/YAML, which contains credentials (JDBC store with connection pooling, remote store), the credentials are returned in clear text as part of the configuration...
CVE-2023-5384
A flaw was found in Infinispan. When serializing the configuration for a cache to XML/JSON/YAML, which contains credentials (JDBC store with connection pooling, remote store), the credentials are returned in clear text as part of the configuration. Mitigation: The issue's impact is limited because...
CVE-2023-37532
HCL Commerce Remote Store server could allow a remote attacker, using a specially-crafted URL, to read arbitrary files on the system...
Design/Logic Flaw
HCL Commerce Remote Store server could allow a remote attacker, using a specially-crafted URL, to read arbitrary files on the system...
CVE-2023-37532
CVE-2023-37532 affects HCL Commerce Remote Store server. The connected sources describe a directory traversal vulnerability that lets an attacker read arbitrary files on the target system by sending a specially crafted URL. The core issue is a failure to properly sanitize file paths, enabling acc...
CVE-2021-27785
HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website...
CVE-2021-27785
HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website...
Code injection
HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website...
HCL Technologies HCL Commerce Remote Store server security vulnerability
HCL Technologies HCL Commerce is a software platform framework for e-commerce from HCL Technologies India. The software includes marketing, sales, customer and order processing functionality in a customizable and integrated package. It is a unified platform that provides the ability to conduct...
CVE-2021-27785 HCL Commerce could allow a local attacker to obtain sensitive personal information (CVE-2021-27785)
HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website...
CVE-2021-27785
CVE-2021-27785 affects HCL Commerce (Remote Store server). The vulnerability could allow a local attacker to obtain sensitive personal information after the victim performs a specific operation on the website. Exploitability is local with low privileges and requires user interaction (UI:R) per CV...
Input validation
Multiple unspecified "input validation" vulnerabilities in the Web management interface aka Messaging Administration interface in Avaya Message Storage Server MSS 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user...