| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to insufficient security configuration which may allow creation of namespaces within a cluster. IBM X-Force ID: 244500. |
|
Some Honor products are affected by out of bounds read vulnerability, successful exploitation could cause information leak.
|
|
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. |
|
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
|
|
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions
|
|
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak
|
|
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
|
|
Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file.
|
|
Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file.
|
|
Some Honor products are affected by file writing vulnerability, successful exploitation could cause information disclosure.
|
| An OS command injection vulnerability has been reported to affect QUSBCam2. If exploited, the vulnerability could allow users to execute commands via a network.
We have already fixed the vulnerability in the following version:
QUSBCam2 2.0.3 ( 2023/06/15 ) and later
|
| A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to inject malicious code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.0.1.2425 build 20230609 and later
QTS 5.1.0.2444 build 20230629 and later
QTS 4.5.4.2467 build 20230718 and later
QuTS hero h5.1.0.2424 build 20230609 and later
QuTS hero h5.0.1.2515 build 20230907 and later
QuTS hero h4.5.4.2476 build 20230728 and later
|
| A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to read sensitive data via unspecified vectors.
We have already fixed the vulnerability in the following version:
QVPN Windows 2.2.0.0823 and later
|
| An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to gain access to user accounts and access sensitive data used by the user account via unspecified vectors.
We have already fixed the vulnerability in the following version:
QVPN Windows 2.1.0.0518 and later
|
| A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.
We have already fixed the vulnerability in the following version:
Music Station 5.3.22 and later
|
| A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.
We have already fixed the vulnerability in the following version:
Music Station 5.3.22 and later
|
| A buffer copy without checking size of input vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote users to execute code via unspecified vectors.
We have already fixed the vulnerability in the following versions:
Multimedia Console 2.1.1 ( 2023/03/29 ) and later
Multimedia Console 1.4.7 ( 2023/03/20 ) and later
|
| A buffer copy without checking size of input vulnerability has been reported to affect QNAP operating system. If exploited, the vulnerability possibly allows remote users to execute code via unspecified vectors.
We have already fixed the vulnerability in the following versions:
QTS 4.3.6.2441 build 20230621 and later
QTS 4.3.3.2420 build 20230621 and later
QTS 4.2.6 build 20230621 and later
QTS 4.3.4.2451 build 20230621 and later
|
| An OS command injection vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability allows remote authenticated users to execute commands via susceptible QNAP devices.
We have already fixed the vulnerability in the following versions:
QTS 5.0.1.2376 build 20230421 and later
QTS 4.5.4.2374 build 20230416 and later
QuTS hero h5.0.1.2376 build 20230421 and later
QuTS hero h4.5.4.2374 build 20230417 and later
QuTScloud c5.0.1.2374 and later
|
| HCL Launch could disclose sensitive information if a manual edit of a configuration file has been performed.
|
