8 matches found
EUVD-2023-28494
Malicious code in bioql PyPI...
CVE-2023-24476
An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating that the user or session are valid...
Code injection
An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating that the user or session are valid...
CVE-2023-24476
CVE-2023-24476 affects PTC Vuforia Studio (all versions prior to 9.9 per CISA ICS bulletin). The root issue is Improper Authorization: an attacker with local access could record traffic and resend requests, bypassing server authentication for user/session validity. Documented impact focuses on lo...
CVE-2023-24476 PTC Vuforia Studio Improper Authorization
An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating that the user or session are valid...
CVE-2023-24476 PTC Vuforia Studio Improper Authorization
An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating that the user or session are valid...
CVE-2021-27756
Affected software: HCL BigFix Compliance (up to v2.0.5). Vulnerability: TLS-RSA cipher suites are not disabled, enabling an attacker to passively record traffic and potentially decrypt it if TLS 2.0 and secure ciphers are not enabled. Impact: Confidentiality of communications could be compromised...
CVE-2021-27756
"TLS-RSA cipher suites are not disabled in BigFix Compliance up to v2.0.5. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it."...