6 matches found
EUVD-2024-28058
Malicious code in bioql PyPI...
CVE-2024-30122
HCL Sametime is impacted by misconfigured security related HTTP headers. It was identified that some HTTP headers were missing on web service responses. This will lead to less secure browser default treatment for the policies controlled by these headers...
CVE-2024-30122 HCL Sametime is impacted by misconfigured security related HTTP headers
HCL Sametime is impacted by misconfigured security related HTTP headers. It was identified that some HTTP headers were missing on web service responses. This will lead to less secure browser default treatment for the policies controlled by these headers...
PT-2024-23197 · Hcl · Hcl Sametime
Name of the Vulnerable Software and Affected Versions: HCL Sametime affected versions not specified Description: The issue is related to misconfigured security-related HTTP headers in HCL Sametime. Specifically, some HTTP headers are missing from web service responses, which can lead to less secu...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS when CSP headers were only sent along with responses that Rails considered as "HTML" responses. This left API requests without CSP headers, which could possibly expose users to this vulnerability. Workaround: Se...
CVE-2018-1360
A cleartext transmission of sensitive information vulnerability in Fortinet FortiManager 5.2.0 through 5.2.7, 5.4.0 and 5.4.1 may allow an unauthenticated attacker in a man in the middle position to retrieve the admin password via intercepting REST API JSON responses...