142 matches found
CVE-2021-25399
Improper configuration in Smart Manager prior to version 11.0.05.0 allows attacker to access the file with system privilege...
Information disclosure
It was discovered that redhat-certification 7 is not properly configured and it lists all files and directories in the /var/www/rhcert/store/transfer directory, through the /rhcert-transfer URL. An unauthorized attacker may use this flaw to gather sensible information...
CVE-2018-10863
It was discovered that redhat-certification 7 is not properly configured and it lists all files and directories in the /var/www/rhcert/store/transfer directory, through the /rhcert-transfer URL. An unauthorized attacker may use this flaw to gather sensible information...
CVE-2018-10863
CVE-2018-10863 affects redhat-certification 7, where improper configuration allows listing all files/directories under /var/www/rhcert/store/transfer via the /rhcert-transfer URL, enabling information disclosure. The impact is exposure of sensitive information, per multiple connected records. Exp...
IBM Verify Gateway (IVG) Account Lockout Improperly Set Vulnerability
IBM Verify Gateway IVG is a cloud-based authentication solution from IBM in the United States. An improperly set account lockout vulnerability exists in IBM Verify Gateway IVG. A remote attacker could exploit the vulnerability to brute-force break account credentials...
CVE-2020-0228
There is an improper configuration of recorder related service. Product: AndroidVersions: Android SoCAndroid ID: A-156333723...
CVE-2020-0228
CVE-2020-0228 affects Android’s Recorder related service, with the root cause described as an improper configuration of that recorder component. Public summaries in the connected documents indicate an information-disclosure risk (evidence includes CNVD/Red Hat listings and NVD metrics) and classi...
ASB-A-156333723
There is an improper configuration of recorder related service...
Cisco Firepower Threat Defense Software Shell Access (cisco-sa-ftd-shell-9rhJF68K)
According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a shell access vulnerability in the support tunnel feature due to improper configuration of that feature. An authenticated, local attacker can exploit this, by enabling the support tunnel, setting a key...
CVE-2020-12473
MonoX through 5.1.40.5152 allows admins to execute arbitrary programs by reconfiguring the Converter Executable setting from ffmpeg.exe to a different program...
CVE-2020-11795
In JetBrains Space through 2020-04-22, the session timeout period was configured improperly...
Code injection
In JetBrains Space through 2020-04-22, the session timeout period was configured improperly...
Design/Logic Flaw
Improper configuration in block design for IntelR MAXR 10 FPGA all versions may allow an authenticated user to potentially enable escalation of privilege and information disclosure via physical access...
CVE-2020-0574
Improper configuration in block design for IntelR MAXR 10 FPGA all versions may allow an authenticated user to potentially enable escalation of privilege and information disclosure via physical access...
CVE-2020-0574
CVE-2020-0574 : A misconfiguration in the block design of Intel® MAX® 10 FPGA (all versions) may allow an authenticated user to escalate privileges and disclose information via physical access. The issue is documented by Intel (Intel® MAX® 10 FPGA Advisory) with a CVSS v3.1 base score of 5.9 (MED...
Path Traversal
md-fileserver is vulnerable to path traversal. The attack exists through improper configuration of permissions to the files under the user's home directory of server, allowing anyone having remote access to access the other users files...
CVE-2019-5277
Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation...
CVE-2019-5277
Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation...
Information disclosure
Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation...
CVE-2019-5277
Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation...