16 matches found
EUVD-2008-0588
Malware in sbrugna...
EUVD-2013-4847
Malware in sbrugna...
EUVD-2024-43973
Malicious code in bioql PyPI...
The vulnerability of the application programming interface for managing policies and security standards of IT infrastructure management tool Tripwire Enterprise (TE) allows a perpetrator to circumvent security restrictions, enhance their privileges, and gain access to read and modify data.
The vulnerability of the application programming interface for managing policies and security standards of IT infrastructure tools like Tripwire Enterprise TE is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to bypass security...
CVE-2024-4332
An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise TE 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional "Auto-synchronize LDAP Users, Roles, and Groups" feature is enabled. This...
CVE-2024-4332 Improper Authentication in Tripwire Enterprise 9.1.0 APIs
An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise TE 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional "Auto-synchronize LDAP Users, Roles, and Groups" feature is enabled. This...
CVE-2024-4332 Improper Authentication in Tripwire Enterprise 9.1.0 APIs
An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise TE 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional "Auto-synchronize LDAP Users, Roles, and Groups" feature is enabled. This...
CVE-2013-5005
Multiple cross-site scripting XSS vulnerabilities in ajaxRequest/methodCall.do in Tripwire Enterprise 8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 mtargetclassname, 2 mtargetmethodname, or 3 mrequestcontextparams parameters...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in ajaxRequest/methodCall.do in Tripwire Enterprise 8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 mtargetclassname, 2 mtargetmethodname, or 3 mrequestcontextparams parameters...
CVE-2013-5005
Multiple cross-site scripting XSS vulnerabilities in ajaxRequest/methodCall.do in Tripwire Enterprise 8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 mtargetclassname, 2 mtargetmethodname, or 3 mrequestcontextparams parameters...
CVE-2013-5005
CVE-2013-5005 describes multiple cross-site scripting (XSS) vulnerabilities in Tripwire Enterprise 8.2 and earlier, exploitable via ajaxRequest/methodCall.do. The vulnerability arises through the parameters m_target_class_name, m_target_method_name, or m_request_context_params, which could allow ...
Cross site scripting
Cross-site scripting XSS vulnerability in the web management login page in Tripwire Enterprise 7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2008-0578
Cross-site scripting XSS vulnerability in the web management login page in Tripwire Enterprise 7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2008-0578
CVE-2008-0578 describes a cross-site scripting (XSS) vulnerability in the web management login page of Tripwire Enterprise 7.0. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The NVD metrics assign a base score of 4.3 (Medium) with network attack...
CVE-2008-0578
Cross-site scripting XSS vulnerability in the web management login page in Tripwire Enterprise 7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Tripwire Enterprise/Server crossite scripting
Web management interface crossite scripting...