IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: ...
5.3CVSS
5.3AI Score
0.0004EPSS
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: ...
6.5CVSS
6.3AI Score
0.0004EPSS
A vulnerability classified as problematic was found in SourceCodester Service Provider Management System 1.0. Affected by this vulnerability is an unknown functionality of the file system_info/index.php of the component System Info Page. The manipulation of the argument System Name/System Short...
2.4CVSS
3.6AI Score
0.0004EPSS
A vulnerability was found in Guangdong Baolun Electronics IP Network Broadcasting Service Platform 2.0. It has been classified as critical. Affected is an unknown function of the file /api/v2/maps. The manipulation of the argument orderColumn leads to sql injection. It is possible to launch the...
7.3CVSS
7.5AI Score
0.0004EPSS
A privilege escalation vulnerability was reported in Lenovo Service Bridge prior to version 5.0.2.17 that could allow operating system commands to be executed if a specially crafted link is...
7.5CVSS
7.3AI Score
0.001EPSS
IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by an admin user. IBM X-Force ID: ...
4.4CVSS
4.4AI Score
0.0004EPSS
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user.....
8.1CVSS
7.9AI Score
0.0005EPSS
A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of...
7.5CVSS
8AI Score
0.0004EPSS
Document Merge Service is a document template merge service providing an API to manage templates and merge them with given data. Versions 6.5.1 and prior are vulnerable to remote code execution via server-side template injection which, when executed as root, can result in full takeover of the...
9.9CVSS
9.9AI Score
0.0004EPSS
7.8CVSS
7.7AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.001EPSS
7CVSS
6.9AI Score
0.0004EPSS
7.3CVSS
7.2AI Score
0.0005EPSS
7.8CVSS
7.9AI Score
0.001EPSS
7.8CVSS
7.7AI Score
0.0005EPSS
7.8CVSS
7.7AI Score
0.0005EPSS
7.8CVSS
7.7AI Score
0.001EPSS
9.8CVSS
9.7AI Score
0.003EPSS
7CVSS
6.9AI Score
0.0004EPSS
8CVSS
8.1AI Score
0.001EPSS
8CVSS
8.1AI Score
0.001EPSS
8CVSS
8.1AI Score
0.0004EPSS
8.8CVSS
9AI Score
0.001EPSS
6.7CVSS
6.8AI Score
0.0004EPSS
An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
7.8CVSS
7.2AI Score
0.0005EPSS
A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the...
4.7CVSS
6.5AI Score
0.0005EPSS
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
7.8CVSS
7.2AI Score
0.0005EPSS
A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the...
6.1CVSS
7AI Score
0.0005EPSS
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order...
7.8CVSS
7.2AI Score
0.0005EPSS
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
7.8CVSS
7.2AI Score
0.0005EPSS
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
7.8CVSS
7.2AI Score
0.0005EPSS
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth...
5.9CVSS
7.2AI Score
0.001EPSS
An 'SQL Injection' vulnerability, due to improper neutralization of special elements used in SQL commands, exists in ZKTeco-based OEM devices. This vulnerability allows an attacker to, in some cases, impersonate another user or perform unauthorized actions. In other instances, it enables the...
7.5CVSS
7.5AI Score
0.0004EPSS
5.4CVSS
6.2AI Score
0.0005EPSS
7.8CVSS
6.3AI Score
0.0004EPSS
5.5CVSS
6.2AI Score
0.0004EPSS
5.5CVSS
7.3AI Score
0.0005EPSS
6.5CVSS
6.1AI Score
0.0005EPSS
7.8CVSS
6.4AI Score
0.0004EPSS
7.8CVSS
6.6AI Score
0.002EPSS
7.5CVSS
7AI Score
0.001EPSS
7.8CVSS
6.4AI Score
0.0004EPSS
7.8CVSS
6.4AI Score
0.0004EPSS
7.8CVSS
6.3AI Score
0.0004EPSS
7.5CVSS
7AI Score
0.001EPSS
7.5CVSS
7AI Score
0.001EPSS
7.5CVSS
7AI Score
0.001EPSS
8.1CVSS
6.9AI Score
0.001EPSS
6.5CVSS
6.3AI Score
0.0004EPSS
5.5CVSS
6.1AI Score
0.0004EPSS