Missing "no cache" headers in HCL Leap permits user directory information to be cached.
Missing "no cache" headers in HCL Leap permits sensitive data to be cached.
Missing "no cache" headers in HCL Leap permits sensitive data to be cached.
Insufficient default configuration in HCL Leap
allows anonymous access to directory information.
Insufficient default configuration in HCL Leap
allows anonymous access to directory information.
Improper access control of endpoint in HCL Leap
allows certain admin users to import applications from the
server's filesystem.
Insufficient URI protocol whitelist in HCL Leap
allows script injection through query parameters.
Insufficient sanitization in HCL Leap allows
client-side script injection in the authoring environment.
Improper access control of endpoint in HCL Domino Leap
allows certain admin users to import applications from the
server's filesystem.
Unsafe default file type filter policy in HCL
Leap allows execution of unsafe JavaScript in deployed applications.
Multiple vectors in HCL Leap allow client-side
script injection in the authoring environment and deployed applications.
A directory traversal arbitrary file deletion vulnerability exists in HPE StoreOnce Software.
LeapFTP < 3.1.x contains a stack-based buffer overflow vulnerability in its FTP client parser. When the client receives a directory listing containing a filename longer than 528 bytes, the application
HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs.
An improper authorization vulnerability in HCL BigFix WebUI allows an authenticated user without Master Operator privileges to access internal data (site names, versions, and configuration variables)
The llama-index-core package, up to version 0.12.44, contains a vulnerability in the `get_cache_dir()` function where a predictable, hardcoded directory path `/tmp/llama_index` is used on Linux system
HCL Traveler is susceptible to a weak default HTTP header validation vulnerability, which could allow an attacker to bypass additional authentication checks.
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partiall
Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.
In the Linux kernel, the following vulnerability has been resolved:
cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read()
We got the following issue in a fuzz test of randomly iss
Page 1+ Next →