Lucene search
K

211 matches found

CNNVD
CNNVD
added 2021/04/13 12:0 a.m.4 views

SAP Focused Run 安全漏洞

Designed for organizations that require extensive system and application monitoring, alerting and analysis, SAP Focused Run supports hosting all customers in a scalable, secure and automated environment. An improper authorization vulnerability exists in SAP Focused RUN versions 200 and 300. The...

6.5CVSS5.6AI score0.00515EPSS
Exploits0References4
Microsoft Secure
Microsoft Secure
added 2021/04/08 6:0 p.m.59 views

Threat matrix for storage services

The move to cloud is happening faster than ever before and organizations are increasing their dependency on cloud storage services. In fact, Microsoft Azure Storage services are one of the most popular services in the cloud. Companies need effective threat protection and mitigation strategies and...

0.5AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/04/08 6:0 p.m.56 views

Threat matrix for storage services

The move to cloud is happening faster than ever before and organizations are increasing their dependency on cloud storage services. In fact, Microsoft Azure Storage services are one of the most popular services in the cloud. Companies need effective threat protection and mitigation strategies and...

0.5AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2021/03/18 12:0 a.m.103 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Authentication Bypass

Summary JT3500V is a most advanced LTE-A Pro CAT12 indoor Wi-Fi & VoIP CPE product specially designed to enable quick and easy LTE fixed data service deployment for residential and SOHO customers. It provides high speed LAN, Wi-Fi and VoIP integrated services to end users who need both bandwidth...

5.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/09/27 9:31 a.m.10 views

traveldataservice.de Cross Site Scripting vulnerability OBB-1367697

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
BDU FSTEC
BDU FSTEC
added 2020/07/31 12:0 a.m.6 views

The vulnerability of the Windows Spatial Data Service in Windows operating systems allows attackers to exploit their privileges.

The vulnerability of the Windows Spatial Data Service for Windows operating systems exists due to errors in object processing in memory. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...

7CVSS7.1AI score
Exploits0References2
CNVD
CNVD
added 2020/06/23 12:0 a.m.8 views

Microsoft Windows Spatial Data Service Spatial Data Service Privilege Elevation Vulnerability

Microsoft Windows is a set of operating systems for personal devices from Microsoft.Spatial Data Service is one of the spatial data service components. A security vulnerability exists in Spatial Data Service in Microsoft Windows 10 version 1903 that stems from a program not properly handling...

6.8AI score
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2020/06/17 7:0 a.m.22 views

Windows Spatial Data Service Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Spatial Data Service improperly handles objects in memory. An attacker could exploit the vulnerability to overwrite or modify a protected file leading to a privilege escalation. To exploit this vulnerability, an attacker would first...

7CVSS4AI score
Exploits0
CNVD
CNVD
added 2019/11/08 12:0 a.m.2 views

Adobe ColdFusion RDS Authentication Bypass Vulnerability

Adobe ColdFusion is a dynamic Web server with CFML ColdFusion Markup Language, a programming language. An authentication bypass vulnerability exists in Adobe ColdFusion RDS, which arises from a lack of authentication measures or insufficient authentication strength in a networked system or produc...

7AI score
Exploits0References1
Krebs on Security
Krebs on Security
added 2019/08/19 1:3 p.m.84 views

The Rise of “Bulletproof” Residential Networks

Cybercrooks increasingly are anonymizing their malicious traffic by routing it through residential broadband and wireless data connections. Traditionally, those connections have been mainly hacked computers, mobile phones, or home routers. But this story is about so-called "bulletproof residentia...

6.8AI score
Exploits0
Hacker One
Hacker One
added 2019/07/22 12:34 a.m.9 views

Valve: WG call injection in /economy/contextcommand

The vulnerability involved insufficient parameter validation in context-specific commands to a web-facing gateway. This allowed some economy queries to be executed outside the actual requesters' capability by confusing the type system. Bypasses for initial fixes were also provided...

7.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/01/28 12:0 a.m.3 views

The vulnerability of the userprefs component in the software platform for collaborative development of SAP NetWeaver Development Infrastructure Cockpit allows a attacker to execute arbitrary code.

The vulnerability of the userprefs component /nwdicockpit/srv/data/ of the software development platform for SAP NetWeaver Development Infrastructure Cockpit is related to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a malicious actor to execute...

5.5CVSS5.9AI score
Exploits0References3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/10/02 9:15 p.m.32 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - April 2018 - Includes Oracle April 2018 CPU affects IBM InfoSphere Master Data Management

Summary IBM Initiate Master Data Service is vulnerable to Oracle Java SE and Java SE Embedded issues and could allow remote attackers to affect the confidentiality, integrity, and availability. Vulnerability Details CVEID: CVE-2018-2814 DESCRIPTION: An unspecified vulnerability related to the Jav...

8.3CVSS1.2AI score0.15141EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/07/12 12:0 a.m.6 views

The vulnerability of the Wireless Data Service module of the Qualcomm Data Services component in the Android operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Wireless Data Service module of the Qualcomm Data Services operating system in Android is caused by a buffer overflow in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected informatio...

10CVSS5.9AI score0.01354EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 7:47 p.m.19 views

Security Bulletin: IBM Tealeaf Customer Experience internal connections not encrypted (CVE-2015-4961)

Summary Internal connections between IBM Tealeaf Customer Experience servers use unencrypted HTTP. Vulnerability Details CVEID: CVE-2015-4961 DESCRIPTION: In an IBM Tealeaf environment with multiple servers, connections to the Tealeaf Data Service, Search Service, Replay Service, and Tracking...

2.9CVSS0.5AI score0.00471EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 2:18 p.m.28 views

Security Bulletin: Mulitiple security vulnerabilities in Apache CXF affects IBM InfoSphere Master Data Management (CVE-2016-6812 CVE-2016-8739 CVE-2017-5653 CVE-2017-5656 CVE-2017-3156)

Summary IBM Initiate Master Data Service is vulnerable to multiple Apache CXF issues and could allow remote attackers to steal a victim's cookie-based authentication credentials and read arbitrary files on the system. Vulnerability Details CVEID: CVE-2016-6812 DESCRIPTION: Apache CXF is vulnerabl...

7.8CVSS1AI score0.11167EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 2:1 p.m.29 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Initiate Master Data Service (CVE-2016-3426, CVE- 2016-3427)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 that is used by IBM Initiate Master Data Service. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3427 DESCRIPTION: An unspecified...

10CVSS6.7AI score0.92334EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 2:1 p.m.19 views

Security Bulletin: Vulnerability in RC4 stream cipher affects IBM InfoSphere Master Data Management (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects OpenSSL. OpenSSL is used by IBM InfoSphere Master Data Management. IBM InfoSphere Master Data Management has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protoc...

5CVSS2AI score0.74006EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 2:1 p.m.25 views

Security Bulletin: Multiple Vulnerabilities in IBM Initiate Master Data Service (CVE-2014-4789, CVE-2014-4788, CVE-2014-4787, CVE-2014-4786, CVE-2014-4785, CVE-2014-4784, CVE-2014-4783)

Summary Multiple Vulnerabilities discovered in web UI components of IBM Initiate Master Data Service. Vulnerability Details CVE-ID: CVE-2014-4789 DESCRIPTION: IBM Initiate Master Data Service could allow a remote attacker to hijack a valid user's session, caused by the failure to update the sessi...

6.8CVSS1.3AI score0.01335EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:50 p.m.36 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Initiate Master Data Service (CVE-2015-4872, CVE-2016-0466, CVE-2015-7575, CVE-2016-0448)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 that is used by IBM Initiate Master Data Service. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH”. Vulnerabilit...

5.9CVSS1.7AI score0.05453EPSS
Exploits0Affected Software1
Rows per page
Query Builder