
12 matches found

ATTACKERKB
added 2026/06/05 7:54 p.m., 6 views

CVE-2026-11419

A path traversal vulnerability exists in the Altium Enterprise Server Vault Service UploadController due to improper validation of a user-controlled path component in image upload requests. An authenticated user can supply a crafted absolute path so that the configured storage root is discarded,...

CVSS: 9.4, AI score: 6, EPSS: 0.005
Exploits: 0, References: 2
Vulnrichment
added 2026/06/05 7:1 p.m., 24 views

CVE-2026-11414 Unauthenticated File Exfiltration in Altium Enterprise Server Vault Service via Hard-coded Cryptographic Key and Path Traversal

A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because the key is identical across all installations, an unauthenticated network attacker who can reach the server can forge valid download signatures and retrieve files from the...

CVSS: 10, AI score: 5.6, EPSS: 0.00416
Exploits: 0, References: 1
CVE
added 2026/06/05 7:1 p.m., 16 views

CVE-2026-11414

CVE-2026-11414 affects Altium Enterprise Server Vault service. The issue comprises two vulnerabilities: (1) a hard-coded cryptographic key used to sign file download URLs, identical across installations, enabling an unauthenticated network attacker to forge valid signatures and retrieve files fro...

CVSS: 10, AI score: 5.6, EPSS: 0.00416
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2026/06/05 7:1 p.m., 27 views

CVE-2026-11414 Unauthenticated File Exfiltration in Altium Enterprise Server Vault Service via Hard-coded Cryptographic Key and Path Traversal

A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because the key is identical across all installations, an unauthenticated network attacker who can reach the server can forge valid download signatures and retrieve files from the...

CVSS: 10, EPSS: 0.00416
Exploits: 0, References: 1
CNNVD
added 2026/06/05 12:0 a.m., 2 views

Altium Enterprise Server Security Vulnerability

Altium Enterprise Server is a localization data management server developed by Altium Corporation in the United States. There is a security vulnerability in Altium Enterprise Server. This vulnerability stems from the Vault service using hard-coded key-signed download URLs, allowing unauthenticate...

CVSS: 10, AI score: 5.5, EPSS: 0.00416
Exploits: 0, References: 1
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2020-25375

Malware in sbrugna...

CVSS: 5.3, AI score: 5.5, EPSS: 0.00934
Exploits: 0, References: 2
RedhatCVE
added 2025/05/22 3:37 p.m., 8 views

CVE-2020-4128

HCL Domino is susceptible to a lockout policy bypass vulnerability in the ID Vault service. An unauthenticated attacker could use this vulnerability to mount a brute force attack against the ID Vault service...

CVSS: 5.3, AI score: 6.9, EPSS: 0.00934
Exploits: 0
OSV
added 2020/12/01 2:15 p.m., 2 views

CVE-2020-4128

HCL Domino is susceptible to a lockout policy bypass vulnerability in the ID Vault service. An unauthenticated attacker could use this vulnerability to mount a brute force attack against the ID Vault service...

CVSS: 5.3, AI score: 6.1, EPSS: 0.00934
Exploits: 0, References: 1
Prion
added 2020/12/01 2:15 p.m., 20 views

Design/Logic Flaw

HCL Domino is susceptible to a lockout policy bypass vulnerability in the ID Vault service. An unauthenticated attacker could use this vulnerability to mount a brute force attack against the ID Vault service...

CVSS: 5, AI score: 5.3, EPSS: 0.00934
Exploits: 0, References: 1, Affected Software: 1
CVE
added 2020/12/01 1:12 p.m., 56 views

CVE-2020-4128

CVE-2020-4128 affects HCL Domino’s ID Vault service, described as a lockout policy bypass that enables an unauthenticated attacker to perform brute-force attempts against the ID Vault. The available connected documents consistently state vulnerability existence and the brute-force risk; they do n...

CVSS: 5.3, AI score: 5.3, EPSS: 0.00934
Exploits: 0, References: 1, Affected Software: 1
CNVD
added 2020/12/01 12:0 a.m., 4 views

HCL Domino Security Policy Bypass Vulnerability

HCL Domino is a suite of enterprise-class application development platforms from HCL India. HCL Domino suffers from a security policy bypass vulnerability that can be exploited by an attacker to launch a brute force attack against the ID Vault service...

CVSS: 5.3, AI score: 6.8, EPSS: 0.00934
Exploits: 0, References: 1
CNNVD
added 2020/11/30 12:0 a.m., 3 views

Hcl Technologies Domino Authorization Issue Vulnerability

HCL Domino is a suite of enterprise-class application development platforms from HCL India. HCL Domino suffers from a security policy bypass vulnerability that can be exploited by an attacker to launch a brute force attack against the ID Vault service...

CVSS: 5.3, AI score: 6, EPSS: 0.00934
Exploits: 0, References: 3