8 matches found
EUVD-2023-43603
Malicious code in bioql PyPI...
Command Execution Vulnerability in Business Integrated Management Platform of Puyuan Information Technology Company Limited (CNVD-2024-24191)
Puyuan Information Technology Co., Ltd. is a professional provider of software infrastructure platform products and solutions. A command execution vulnerability exists in the Business Integrated Management Platform of Puyuan Information Technology Co., Ltd. that can be exploited by an attacker to...
The vulnerability of the unified management system of the Fujitsu Software Infrastructure Manager, related to unencrypted storage of user credentials, allows a perpetrator to escalate their privileges.
The vulnerability of the unified management system of the Fujitsu Software Infrastructure Manager lies in the unencrypted storage of account data. Exploiting this vulnerability could allow a malicious actor to enhance their privileges by gaining access to the account data stored on the proxy...
CVE-2023-39903
An issue was discovered in Fujitsu Software Infrastructure Manager ISM before 2.8.0.061. The ismsnap component in this specific case at /var/log/fujitsu/ServerViewSuite/ism/FirmwareManagement/FirmwareManagement.log allows insecure collection and storage of authorization credentials in cleartext...
CVE-2023-39379
Fujitsu Software Infrastructure Manager ISM stores sensitive information at the product's maintenance data ismsnap in cleartext form. As a result, the password for the proxy server that is configured in ISM may be retrieved. Affected products and versions are as follows: Fujitsu Software...
Fujitsu Software Infrastructure Manager Security Vulnerability
Fujitsu Software Infrastructure Manager is an infrastructure manager from Fujitsu Japan. A security vulnerability exists in Fujitsu Software Infrastructure Manager, which arises from sensitive information being stored in plaintext in product maintenance data ismsnap...
DevSecOps: Building Continuous Security Into IT and App Infrastructures
With software now at the heart of essential business processes, organizations must build security into their IT and application development pipeline to prevent breaches, avoid compliance violations, and protect digital transformation initiatives. This especially applies to organizations creating...
Apple Hires New Security Chief
Apple has hired a software security expert to head up its growing internal security group. The company has hired David Rice, a former National Security Agency analyst and consultant on security issues, according to reports. Rice is currently the director of policy reform at the U.S. Cyber...