Lucene search
K

121 matches found

OSV
OSV
added 2022/02/18 6:15 p.m.3 views

CVE-2021-39026

IBM Guardium Data Encryption GDE 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...

5.9CVSS6.3AI score0.00502EPSS
Exploits0References2
Prion
Prion
added 2022/02/18 6:15 p.m.22 views

Information disclosure

IBM Guardium Data Encryption GDE 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...

4.3CVSS5.3AI score0.00502EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/02/18 5:35 p.m.14 views

CVE-2021-39026

IBM Guardium Data Encryption GDE 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...

5.9CVSS5.5AI score0.00502EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/17 10:11 a.m.39 views

Security Bulletin: IBM Guardium Data Encryption (GDE) has an information exposure vulnerability (CVE-2021-39026 )

Summary An information Exposure was addressed in IBM Guardium Data Encryption GDE. Please apply the latest version for the fixes. Vulnerability Details CVEID: CVE-2021-39026 DESCRIPTION: IBM Guardium Data Encryption GDE could allow a remote attacker to obtain sensitive information, caused by the...

5.9CVSS5.1AI score0.00502EPSS
Exploits0Affected Software1
NVD
NVD
added 2022/02/02 8:15 p.m.14 views

CVE-2021-39021

IBM Guardium Data Encryption GDE 5.0.0.2 behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which could facilitate username enumeration. IBM X-Force ID: 213856...

5.3CVSS0.00537EPSS
Exploits0References2
OSV
OSV
added 2022/02/02 8:15 p.m.5 views

CVE-2021-39021

IBM Guardium Data Encryption GDE 5.0.0.2 behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which could facilitate username enumeration. IBM X-Force ID: 213856...

5.3CVSS5.8AI score0.00537EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/02/02 12:0 a.m.6 views

IBM Guardium Data Encryption 安全漏洞

IBM Guardium Data Encryption GDE is an application from IBM USA, Inc. IBM Guardium Data Encryption GDE 5.0.0.2 contains a security vulnerability that can be exploited by attackers to cause username enumeration...

5.3CVSS5.6AI score0.00537EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/01 11:58 a.m.18 views

Security Bulletin: A security vulnerability has been identified in IBM Guardium Data Encryption (GDE) (CVE-2021-39021)

Summary A security vulnerability has been identified in IBM Guardium Data Encryption GDE CVE-2021-39021. Please apply the lested version of GDE , to get the fix. Vulnerability Details CVEID: CVE-2021-39021 DESCRIPTION: IBM Guardium Data Encryption GDE behaves differently or sends different...

5.3CVSS4.9AI score0.00537EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/29 7:53 a.m.67 views

Security Bulletin: Vulnerability in Apache Log4j affects IBM Guardium Data Encryption (GDE) (CVE-2021-45105 and CVE-2021-45046)

Summary Vulnerability in Apache Log4j affects IBM Guardium Data Encryption GDE CVE-2021-45105 and CVE-2021-45046. The patch includes Apache Log4j 2.17. Vulnerability Details CVEID: CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial of service, caused by the failure to protect from...

10CVSS0.7AI score0.99999EPSS
Exploits353Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/23 7:1 a.m.19 views

Security Bulletin: There are multiple vulnerabilities identified in IBM Guardium Data Encryption (GDE) (CVE-2021-20378, CVE-2021-20416, CVE-2021-20474, CVE-2021-20379)

Summary There are multiple vulnerabilities identified in IBM Guardium Data Encryption GDE. These vulnerabilities have been fixed in GDE 4.0.0.5. Please apply the latest version to obtain the fixes. Vulnerability Details CVEID: CVE-2021-20474 DESCRIPTION: IBM Security Guardium does not perform any...

8.8CVSS6.7AI score0.00722EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/20 4:50 a.m.161 views

Security Bulletin: A security vulnerability has been identified in Log4j 2 used in IBM Guardium Data Encryption (GDE) (CVE-2021-44228)

Summary Log4j 2 is a logging package used by IBM Security Guardium Data Encryption GDE. That package has a security vulnerability. Consult the bulletin listed below for details. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrar...

10CVSS0.7AI score0.99999EPSS
Exploits349Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/07/27 6:9 a.m.35 views

Security Bulletin: Vulnerabilities in IBM Guardium Data Encryption (GDE) (CVE-2020-7676)

Summary Vulnerabilities identified in IBM Guardium Data Encryption GDE. These vulnerabilities have been fixed, please apply the latest version to obtain the fix. Vulnerability Details CVEID: CVE-2020-7676 DESCRIPTION: angular.js is vulnerable to cross-site scripting, caused by improper validation...

5.4CVSS1.5AI score0.02142EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2021/07/13 12:0 a.m.9 views

IBM Guardium Data Encryption Information Disclosure Vulnerability

IBM Guardium Data Encryption GDE is a software application from IBM, USA. Provides a data security and compliance solution. A security vulnerability exists in IBM Guardium Data Encryption that stems from the application's failure to properly limit the number of interactions, which could be...

4.9CVSS6.6AI score0.00541EPSS
Exploits0References1
OSV
OSV
added 2021/07/12 4:15 p.m.7 views

CVE-2021-20414

IBM Guardium Data Encryption GDE 3.0.0.2 could allow a user to bruce force sensitive information due to not properly limiting the number of interactions. IBM X-Force ID: 196216...

4.9CVSS5.8AI score0.00541EPSS
Exploits0References2
NVD
NVD
added 2021/07/12 4:15 p.m.14 views

CVE-2021-20414

IBM Guardium Data Encryption GDE 3.0.0.2 could allow a user to bruce force sensitive information due to not properly limiting the number of interactions. IBM X-Force ID: 196216...

4.9CVSS0.00541EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/09 12:0 a.m.7 views

IBM Guardium Data Encryption 安全漏洞

IBM Guardium Data Encryption GDE is a software application from IBM, USA. Provides a data security and compliance solution. A security vulnerability exists in IBM Guardium Data Encryption that stems from the application's failure to properly limit the number of interactions, which could be...

4.9CVSS5.6AI score0.00541EPSS
Exploits0References4
CNVD
CNVD
added 2021/07/08 12:0 a.m.7 views

IBM Guardium Data Encryption Information Leakage Vulnerability

IBM Security Guardium Data Encryption is an American IBM software for securing sensitive data within an organization. The software protects assets located in cloud, virtual, big data and physical environments by controlling access to databases, files, applications and containers. An information...

5.3CVSS5.7AI score0.00722EPSS
Exploits0References1
CNVD
CNVD
added 2021/07/08 12:0 a.m.22 views

IBM Security Guardium Data Encryption Information Disclosure Vulnerability (CNVD-2022-05124)

A security vulnerability exists in IBM Security Guardium Data Encryption, an IBM software for securing sensitive data in organizations, which can be exploited by remote attackers to return detailed technical error messages in the browser when to obtain sensitive information...

4.3CVSS3.5AI score0.00629EPSS
Exploits0References1
OSV
OSV
added 2021/07/07 5:15 p.m.2 views

CVE-2021-20416

IBM Guardium Data Encryption GDE 3.0.0.3 and 4.0.0.4 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 196218...

5.3CVSS6.2AI score
Exploits0References2
OSV
OSV
added 2021/07/07 5:15 p.m.2 views

CVE-2021-20417

IBM Guardium Data Encryption GDE 4.0.0.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196219...

4.3CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder