CVE-2023-20136

A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper...

Cisco Secure Workload Authenticated OpenAPI Privilege Escalation Vulnerability

A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper...

TotalCloud Empowered with CloudView Integration

Qualys, a leading provider of cloud-based security and compliance solutions, offers Qualys TotalCloud - a unified vulnerability, threat, and posture management solution. This solution simplifies cloud infrastructure security by combining essential components such as Cloud Workload Protection, Clo...

Akamai Integrates DNS Security with Microsoft's Azure Firewall to Protect Cloud Workloads

...

PT-2023-1001 · Arm · Arm Nn Android-Nn-Driver

Name of the Vulnerable Software and Affected Versions: Arm NN Android-NN-Driver versions prior to 23.02 Description: A possible out-of-bounds read and write was discovered due to an improper length check of shared memory. This issue could lead to local escalation of privilege with no additional...

Security Bulletin: IBM Workload Scheduler potentially affected by a vulnerability in Apache Commons FileUpload (CVE-2023-24998)

Summary IBM Workload Scheduler is potentially affected by a vulnerability found in Apache Commons FileUpload that can cause a DoS attack. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limit the...

CVE-2023-28008

HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

CVE-2023-28009

HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

CVE-2023-28009

HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

Xxe

HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

Xxe

HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

CVE-2023-28009 HCL Workload Automation is vulnerable to XML External Entity (XXE) Injection

HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

CVE-2023-28009

CVE-2023-28009 affects HCL Workload Automation. The vulnerability is an XML External Entity (XXE) injection in the XML processing path. Impact stated in sources: potential exposure of sensitive information and/or memory/resource exhaustion. Exploitation details are not provided in the documents; ...

CVE-2023-28009 HCL Workload Automation is vulnerable to XML External Entity (XXE) Injection

HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

CVE-2023-28008 HCL Workload Automation is vulnerable to XML External Entity (XXE) Injection

HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

CVE-2023-28008 HCL Workload Automation is vulnerable to XML External Entity (XXE) Injection

HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

CVE-2023-28008

CVE-2023-28008 affects HCL Workload Automation versions 9.4, 9.5, and 10.1 where XML data is processed. The root cause is XML External Entity (XXE) injection in the XML processing path, enabling a remote attacker to access sensitive information or exhaust memory resources as described across mult...

HCL Technologies Workload Automation 代码问题漏洞

HCL Technologies Workload Automation is a workload automation software from HCL Technologies India. It refers to the use of software to schedule, manage and execute various business tasks and processes with minimal human intervention. A security vulnerability exists in HCL Technologies Workload...

HCL Technologies Workload Automation 代码问题漏洞

HCL Technologies Workload Automation is a workload automation software from HCL Technologies India. It refers to the use of software to schedule, manage and execute various business tasks and processes with minimal human intervention. HCL Technologies Workload Automation suffers from a security...

PT-2023-21476 · Hcl · Hcl Workload Automation

Name of the Vulnerable Software and Affected Versions: HCL Workload Automation affected versions not specified Description: HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this issue to expose sensitive...