Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-38516 | 2024-06-26 | 8.8 High | ||
| ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables in error log. This issue has been patched in versions 2024.04.7, 2023.10.15, 2022.10.13 and 2021.10.22. | ||||
| CVE-2024-27179 | 2024-06-17 | 4.7 Medium | ||
| Admin cookies are written in clear-text in logs. An attacker can retrieve them and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL. | ||||
| CVE-2023-5392 | 2024-04-25 | 7.5 High | ||
| C300 information leak due to an analysis feature which allows extracting more memory over the network than required by the function. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning. | ||||
| CVE-2023-28077 | 1 Dell | 1 Bsafe Ssl-j | 2024-02-15 | 4.4 Medium |
| Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user. | ||||
| CVE-2022-34364 | 1 Dell | 1 Bsafe Ssl-j | 2024-02-06 | 4.4 Medium |
| Dell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user. . | ||||
| CVE-2022-27597 | 1 Qnap | 18 Qts, Quts Hero, Qutscloud and 15 more | 2023-09-01 | 2.7 Low |
| A vulnerability has been reported to affect QNAP operating systems. If exploited, the out-of-bounds read vulnerability allows remote authenticated administrators to get secret values. The vulnerability affects the following QNAP operating systems: QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances) We have already fixed the vulnerability in the following versions: QTS 5.0.1.2346 build 20230322 and later QuTS hero h5.0.1.2348 build 20230324 and later | ||||
| CVE-2021-31412 | 1 Vaadin | 2 Flow, Vaadin | 2022-10-25 | 5.3 Medium |
| Improper sanitization of path in default RouteNotFoundError view in com.vaadin:flow-server versions 1.0.0 through 1.0.14 (Vaadin 10.0.0 through 10.0.18), 1.1.0 prior to 2.0.0 (Vaadin 11 prior to 14), 2.0.0 through 2.6.1 (Vaadin 14.0.0 through 14.6.1), and 3.0.0 through 6.0.9 (Vaadin 15.0.0 through 19.0.8) allows network attacker to enumerate all available routes via crafted HTTP request when application is running in production mode and no custom handler for NotFoundException is provided. | ||||
| CVE-2021-25476 | 2 Google, Samsung | 2 Android, Exynos | 2022-08-01 | 4.4 Medium |
| An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE. | ||||
Page 1 of 1.