74 matches found
CVE-2022-23256
Azure Data Explorer Spoofing Vulnerability...
Spoofing
Azure Data Explorer Spoofing Vulnerability...
CVE-2022-23256 Azure Data Explorer Spoofing Vulnerability
...
CVE-2022-23256
CVE-2022-23256 is a spoofing vulnerability in Microsoft Azure Data Explorer. Connected sources describe the issue as stemming from errors in the user interface’s representation of information, enabling spoofing attacks. Affected product: Azure Data Explorer. The available documents provide no con...
Microsoft Patch Tuesday addresses a zero-day vulnerability in Windows Kernel
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here Microsoft addressed 51 vulnerabilities in the February 2022 patch Tuesday release, one of which was classified as a zero-day vulnerability. A remote attacker could exploit some of these vulnerabilities to gain control of a...
Azure Data Explorer Spoofing Vulnerability
...
PT-2022-1693 · Microsoft · Azure Data Explorer
Name of the Vulnerable Software and Affected Versions: Azure Data Explorer affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, which can be exploited by a remote attacker to conduct spoofing attacks...
Security Bulletin: Vulnerability affects Watson Explorer Foundational Components
Summary Security vulnerabilities have been identified in IBM® Runtime Environment Java™ Technology Edition that is used by Watson Explorer. Vulnerability Details CVEID: CVE-2017-10295 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit...
Security Bulletin: Vulnerability affects Watson Explorer Foundational Components
Summary A security vulnerability affects IBM Watson Explorer Foundational Components. Vulnerability Details CVEID: CVE-2016-7055 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error in a Broadwell-specific Montgomery multiplication procedure. By sending specially crafted...
Security Bulletin: Vulnerability in OpenSSL affects Watson Explorer (CVE-2016-2107)
Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by the Watson Explorer Foundational Components. Watson Explorer has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2107 DESCRIPTION: OpenSSL could allow a remote attacker to...
Security Bulletin: Vulnerability in OpenSSL affects Watson Explorer (CVE-2016-0702)
Summary A vulnerability in OpenSSL affects Watson Explorer. Vulnerability Details CVEID: CVE-2016-0702 DESCRIPTION: The MODEXPCTIMECOPYFROMPREBUF function in crypto/bn/bnexp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular...
Security Bulletin: Vulnerability in SSLv3 affects IBM Monitoring and Diagnostic Tools for Java - Interactive Diagnostic Data Explorer (CVE-2014-3566)
Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 may be used in connections between Interactive Diagnostic Data Explorer client and the server running in IBM Support Assistant Team Server Vulnerability...
CVE-2013-0561: IBM InfoSphere Data Explorer information disclosure
CVE-2013-0561 affects IBM InfoSphere Data Explorer where some SSL pages are incorrectly cached. An attacker who can access cached pages viewed by a legitimate user may view sensitive information from those pages. The description notes cacheability issue but does not provide exploitation details o...
CVE-2013-0564: IBM InfoSphere Data Explorer cross-site request forgery
CVE-2013-0564 concerns IBM InfoSphere Data Explorer and describes a cross-site request forgery (CSRF) vulnerability due to insufficient safeguards. An attacker can lure a legitimate, already-authenticated user to open a URL that executes an action on behalf of that user, potentially without the u...