Lucene search
K

63 matches found

NVD
NVD
added 2022/10/17 4:15 p.m.27 views

CVE-2019-14840

A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete enabled which may lead to leak of credentials...

7.5CVSS0.00675EPSS
Exploits1References2
Prion
Prion
added 2022/10/17 4:15 p.m.20 views

Default credentials

A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete enabled which may lead to leak of credentials...

5CVSS7.3AI score0.00675EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/17 12:0 a.m.7 views

CVE-2019-14840

A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete enabled which may lead to leak of credentials...

7.3AI score0.00675EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/10/17 12:0 a.m.5 views

PT-2022-8095 · Red Hat · Red Hat Decision Manager

Name of the Vulnerable Software and Affected Versions: Red Hat Decision Manager RHDM affected versions not specified Description: A flaw was found in the RHDM, where sensitive HTML form fields like password have auto-complete enabled, which may lead to a leak of credentials. Recommendations: At t...

7.5CVSS4.8AI score0.00675EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/10/17 12:0 a.m.33 views

CVE-2019-14840

A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete enabled which may lead to leak of credentials...

7.3AI score0.00675EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/09/01 12:0 a.m.7 views

IBM Cognos Analytics 安全漏洞

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist organizations in adjusting their decision-making by analyzing such things as key factors and key people. A security...

6.2CVSS6.6AI score0.00203EPSS
Exploits0References4
OSV
OSV
added 2022/05/17 4:46 a.m.14 views

GHSA-6G7X-4C7M-G63M Review Board Cross-site scripting (XSS) vulnerability in the reviews dropdown

Cross-site scripting XSS vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name...

6.1CVSS5.3AI score0.02164EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2022/05/17 4:46 a.m.17 views

Review Board Cross-site scripting (XSS) vulnerability in the reviews dropdown

Cross-site scripting XSS vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name...

4.3CVSS5.6AI score0.02164EPSS
Exploits1References9Affected Software1
NVD
NVD
added 2022/03/28 7:15 p.m.22 views

CVE-2021-39876

In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups...

4.3CVSS0.00801EPSS
Exploits1References3
OSV
OSV
added 2022/03/28 7:15 p.m.20 views

CVE-2021-39876

In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups...

4.3CVSS6.6AI score0.00801EPSS
Exploits1References3
CVE
CVE
added 2022/03/28 6:53 p.m.94 views

CVE-2021-39876

CVE-2021-39876 affects GitLab CE/EE starting from version 11.3, where the autocomplete endpoint for Assignee discloses members of private groups. The root cause is an information-disclosure flaw in the Assignee autocomplete functionality, enabling partial confidentiality breach. Impact stated in ...

4.3CVSS4.4AI score0.00801EPSS
Exploits1References3Affected Software1
Kitploit
Kitploit
added 2022/03/19 8:30 p.m.40 views

Nuclei-Burp-Plugin - Nuclei Plugin For BurpSuite

A BurpSuite plugin intended to help with nuclei template generation. Features Template matcher generation Word and Binary matcher creation using selected response snippets from Proxy history or Repeater contexts Multi-line selections are split to separate words for readability Binary matchers are...

7.4AI score
Exploits0References10
CNNVD
CNNVD
added 2021/05/28 12:0 a.m.5 views

IBM Cognos Analytics 授权问题漏洞

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. An authorization issue...

7.5CVSS8.4AI score0.02371EPSS
Exploits0References4
Prion
Prion
added 2021/03/29 4:15 a.m.21 views

Cross site scripting

Redmine 4.1.x before 4.1.2 allows XSS because an issue's subject is mishandled in the auto complete tip...

4.3CVSS6.2AI score0.00829EPSS
Exploits1References2Affected Software1
UbuntuCve
UbuntuCve
added 2021/03/29 4:15 a.m.19 views

CVE-2021-29274

Redmine 4.1.x before 4.1.2 allows XSS because an issue's subject is mishandled in the auto complete tip...

6.1CVSS6.3AI score0.00829EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2021/03/29 3:46 a.m.23 views

CVE-2021-29274

Redmine 4.1.x before 4.1.2 allows XSS because an issue's subject is mishandled in the auto complete tip...

6.1CVSS6AI score0.00829EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2021/03/22 10:28 a.m.36 views

CVE-2019-14840

A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete enabled which may lead to leak of credentials...

7.5CVSS0.8AI score0.00675EPSS
Exploits1References3
CNVD
CNVD
added 2020/10/29 12:0 a.m.2 views

Firefly III Cross-Site Scripting Vulnerability (CNVD-2020-59725)

Firefly III is a free, open source, self-hosted personal finance manager. A cross-site scripting vulnerability exists in the auto-complete feature of the description field in Firefly III versions prior to 5.4.5. An attacker can exploit the vulnerability to execute JavaScript via the suggested...

6.3AI score
Exploits0References1
CNVD
CNVD
added 2020/04/02 12:0 a.m.3 views

Unspecified Vulnerability in Apple iOS and iPadOS Messages Composition Component

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple iPadOS is an operating system for iPad tablets. messages Composition is one of the message editing components. A security vulnerability exists in the Messages Compositio...

5.3CVSS6.3AI score0.00802EPSS
Exploits0References1
Kitploit
Kitploit
added 2020/03/30 11:30 a.m.77 views

One-Lin3r v2.1 - Gives You One-Liners That Aids In Penetration Testing Operations, Privilege Escalation And More

One-Lin3r is simple modular and light-weight framework gives you all the one-liners that you will need while penetration testing Windows, Linux, macOS or even BSD systems or hacking generally with a lot of new features to make all of this fully automated ex: you won't even need to copy the...

7.8AI score
Exploits0References4
Rows per page
Query Builder