1071 matches found
CVE-2022-25807
An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. A hardcoded DES key in the LDAPDesPWEncrypter class allows an attacker, who has discovered encrypted LDAP bind credentials, to decrypt those credentials using a static 8-byte DES key...
CVE-2022-25807
An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. A hardcoded DES key in the LDAPDesPWEncrypter class allows an attacker, who has discovered encrypted LDAP bind credentials, to decrypt those credentials using a static 8-byte DES key...
Chicago students lose data to ransomware attackers
Chicago Public Schools CPS disclosed on Friday that students may have had their data taken in a ransomware incident involving one of its vendors. The ransomware attack happened last December at Battelle for Kids BfK, based in Columbus Ohio, which develops services to provide innovation in schools...
PT-2022-2472 · Amd +1 · Amd Cpus +1
Name of the Vulnerable Software and Affected Versions: AMD CPUs affected versions not specified Description: The issue is related to the implementation of the SEV-SNP Secure Nested Paging protective mechanism for virtual machines running on servers with AMD processors, which is associated with da...
IBM Guardium Data Encryption (GDE) Cross-Site Scripting Vulnerability
IBM Security Guardium Data Encryption is an application from IBM USA that provides a modular set of encryption, tokenization, and key management solutions that enable organizations to protect data in local and hybrid multi-cloud environments. IBM Guardium Data Encryption GDE 4.0. 0.0.0 and 5.0.0....
CVE-2021-39024
IBM Guardium Data Encryption GDE 4.0.0.0 and 5.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...
CVE-2021-39024
IBM Guardium Data Encryption GDE 4.0.0.0 and 5.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...
CVE-2021-39024
IBM Guardium Data Encryption GDE 4.0.0.0 and 5.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...
CVE-2021-39024
IBM Guardium Data Encryption (GDE) versions 4.0.0.0 and 5.0.0.0 are vulnerable to cross-site scripting via the Web UI, enabling arbitrary JavaScript in trusted sessions and potential credential disclosure. The IBM Security Bulletin summarizes the issue and references CVE-2021-39024, with CVSS v3....
IBM Guardium Data Encryption 跨站脚本漏洞
IBM Security Guardium Data Encryption is an application from IBM USA that provides a modular set of encryption, tokenization, and key management solutions that enable organizations to protect data in local and hybrid multi-cloud environments. IBM Guardium Data Encryption GDE 4.0. 0.0.0 and 5.0.0....
Security Bulletin: Vulnerability CVE-2021-39024 in IBM Guardium Data Encryption (GDE)
Summary Vulnerability identified in IBM Guardium Data Encryption GDE. Please apply the latest version for the fixes. Vulnerability Details CVEID: CVE-2021-39024 DESCRIPTION: IBM Guardium Data Encryption GDE is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...
Unspecified Vulnerability in IBM Guardium Data Encryption (CNVD-2022-41644)
IBM Guardium Data Encryption GDE is a software application from IBM, USA. Provides a data security and compliance solution. A security vulnerability exists in IBM Guardium Data Encryption GDE. A remote attacker could exploit the vulnerability to obtain sensitive information when a technical error...
Unspecified Vulnerability in IBM Guardium Data Encryption (CNVD-2022-41643)
IBM Guardium Data Encryption GDE is a software application from IBM, USA. Provides a data security and compliance solution. A security vulnerability exists in IBM Guardium Data Encryption GDE that stems from a loss of encoding or escaping of data. No details of the vulnerability are provided at...
CVE-2022-29180 Charm vulnerable to server-side request forgery (SSRF)
A vulnerability in which attackers could forge HTTP requests to manipulate the charm data directory to access or delete anything on the server. This has been patched and is available in release v0.12.1. We recommend that all users running self-hosted charm instances update immediately. This...
IBM Guardium Data Encryption Information Leakage Vulnerability (CNVD-2022-66261)
IBM Guardium Data Encryption is an encryption solution that captures pricing information and is used to protect data and business. An information leakage vulnerability exists in IBM Guardium Data Encryption that originates from storing sensitive information in URL parameters, which can be exploit...
CVE-2021-39027
IBM Guardium Data Encryption GDE 4.0.0 and 5.0.0 prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved. IBM X-Force ID: 213865...
CVE-2021-39023
IBM Guardium Data Encryption GDE 4.0.0 and 5.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 213860...
CVE-2021-39027
IBM Guardium Data Encryption GDE 4.0.0 and 5.0.0 prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved. IBM X-Force ID: 213865...
Code injection
IBM Guardium Data Encryption GDE 4.0.0 and 5.0.0 prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved. IBM X-Force ID: 213865...
CVE-2021-39027
IBM Guardium Data Encryption GDE 4.0.0 and 5.0.0 prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved. IBM X-Force ID: 213865...