Lucene search
K

18 matches found

GithubExploit
GithubExploit
added 2024/07/18 12:57 p.m.642 views

Exploit for Exposure of Private Personal Information to an Unauthorized Actor in Follow-Redirects_Project Follow-Redirects

CVE-2022-0155 Proof-of-Concept PoC This repository contains...

8CVSS8.1AI score0.02426EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/16 8:23 p.m.42 views

Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities

Summary There are multiple vulnerabilities in components of IBM i Modernization Engine for Lifecycle Integration as described in the Vulnerability Details section. Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information CVE-2024-28849,...

9.8CVSS10AI score0.08515EPSS
Exploits13Affected Software1
OpenVAS
OpenVAS
added 2023/06/22 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2023:2578-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.68603EPSS
Exploits9References19
OSV
OSV
added 2023/06/21 11:49 a.m.9 views

SUSE-SU-2023:2578-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: bind: - Provide bind dependencies and solve installation issues on SUSE Linux Enterprise Micro - There are no source changes dracut-saltboot: - Update to version 0.1.1681904360.84ef141 Load network configuration even when missing protocol version bsc1210640...

9.8CVSS7.8AI score0.68603EPSS
Exploits9References32
SUSE CVE
SUSE CVE
added 2023/02/23 3:22 a.m.4 views

SUSE CVE-2022-0155

follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor...

6.5CVSS8.8AI score0.02426EPSS
Exploits2References12
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/07 9:34 p.m.32 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js follow-redirects module information disclosure vulnerabilities (CVE-2022-0536, CVE-2022-0155)

Summary Potential information disclosure vulnerabilities in Node.js follow-redirects module CVE-2022-0536, CVE-2022-0155 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-0536...

8CVSS5.7AI score0.02426EPSS
Exploits2Affected Software1
RedHat Linux
RedHat Linux
added 2022/11/16 12:19 p.m.47 views

Moderate: Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.3] bug fix and security update

Updated ovirt-engine packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

8CVSS6.8AI score0.02426EPSS
Exploits2References14
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/09 6:53 p.m.37 views

Security Bulletin: IBM QRadar Assistant app for IBM QRadar SIEM includes components with multiple known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has released a new version which addresses the vulnerabilities. Vulnerability Details CVEID:CVE-2021-42581 DESCRIPTION: Ramda could allow a remote attacker t...

9.1CVSS8.8AI score0.2241EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/19 9:11 p.m.50 views

Security Bulletin: IBM Security QRadar Analyst Workflow app for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has addressed the vulnerabilities. Vulnerability Details CVEID:CVE-2021-44906 DESCRIPTION: Node.js Minimist module could allow a remote attacker to execute...

9.8CVSS9.2AI score0.04581EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/14 3:2 p.m.41 views

Security Bulletin: IBM MQ Appliance is affected by follow-redirects vulnerabilities (CVE-2022-0155 and CVE-2022-0536)

Summary IBM MQ Appliance has resolved follow-redirects vulnerabilities. Vulnerability Details CVEID: CVE-2022-0155 DESCRIPTION: follow-redirects could allow a remote attacker to obtain sensitive information, caused by an unauthorized actor. By sending a specially-crafted request, a remote...

8CVSS2AI score0.02426EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/12 3:35 p.m.47 views

Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise & IBM Integration Bus (CVE-2022-0155 & CVE-2022-0536)

Summary IBM App Connect Enterprise and IBM Integration Bus ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2022-0536 DESCRIPTION: Node.js follow-redirects module could allow a remote...

8CVSS1.2AI score0.02426EPSS
Exploits2Affected Software2
RedHat Linux
RedHat Linux
added 2022/05/05 4:52 a.m.77 views

Moderate: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.3.10 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.3.10 General Availability release images, which provide security updates and bug fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

8.8CVSS7.3AI score0.05664EPSS
Exploits6References36
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/28 5:2 p.m.34 views

Security Bulletin: Information disclosure vulnerability affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2022-0155, CVE-2022-0536, CVE-2021-3749

Summary IBM Business Process Manager and IBM Business Automation Workflow are vulnerable to an information disclosure attack. Vulnerability Details CVEID: CVE-2021-3749 DESCRIPTION: axios is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the trim...

8CVSS1.2AI score0.08515EPSS
Exploits4Affected Software1
Circl
Circl
added 2022/01/10 10:14 p.m.4 views

CVE-2022-0155

creationtimestamp| type| source ---|---|--- 2022-01-10 22:14:58+00:00| seen| https://t.me/cibsecurity/35206...

8CVSS7.1AI score0.02426EPSS
Exploits2References1
NVD
NVD
added 2022/01/10 8:15 p.m.18 views

CVE-2022-0155

follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor...

8CVSS0.02426EPSS
Exploits2References3
UbuntuCve
UbuntuCve
added 2022/01/10 8:15 p.m.36 views

CVE-2022-0155

follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor...

8CVSS6.9AI score0.02426EPSS
Exploits2References6
OSV
OSV
added 2022/01/10 7:30 p.m.28 views

CVE-2022-0155 Exposure of Private Personal Information to an Unauthorized Actor in follow-redirects/follow-redirects

follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor...

8CVSS7.8AI score0.02426EPSS
Exploits2References5
CVE
CVE
added 2022/01/10 7:30 p.m.239 views

CVE-2022-0155

CVE-2022-0155 is associated with the follow-redirects library and involves Exposure of Private Personal Information to an Unauthorized Actor. The linked document details that an unauthorized actor could obtain sensitive information during redirects, constituting a data exposure risk. No exploitat...

8CVSS6.8AI score0.02426EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder