Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-27179 | 2024-07-04 | N/A | 4.7 MEDIUM | ||
Admin cookies are written in clear-text in logs. An attacker can retrieve them and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL. | |||||
CVE-2024-38516 | 2024-06-26 | N/A | 8.8 HIGH | ||
ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables in error log. This issue has been patched in versions 2024.04.7, 2023.10.15, 2022.10.13 and 2021.10.22. | |||||
CVE-2023-5392 | 2024-04-12 | N/A | 7.5 HIGH | ||
C300 information leak due to an analysis feature which allows extracting more memory over the network than required by the function. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning. | |||||
CVE-2023-28077 | 1 Dell | 1 Bsafe Ssl-j | 2024-02-15 | N/A | 4.4 MEDIUM |
Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user. |