Lucene search
K

113 matches found

OSV
OSV
added 2022/11/28 2:15 p.m.5 views

CVE-2022-3511

The Awesome Support WordPress plugin before 6.1.2 does not ensure that the exported tickets archive to be downloaded belongs to the user making the request, allowing a low privileged user, such as subscriber to download arbitrary exported tickets via an IDOR vector...

6.5CVSS5.8AI score0.00699EPSS
Exploits1References1
OSV
OSV
added 2021/11/30 9:15 p.m.6 views

CVE-2021-36329

Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. A remote malicious user may potentially exploit this vulnerability to gain sensitive information...

6.5CVSS5.8AI score0.00675EPSS
Exploits0References1
NVD
NVD
added 2021/11/30 9:15 p.m.18 views

CVE-2021-36329

Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. A remote malicious user may potentially exploit this vulnerability to gain sensitive information...

6.5CVSS0.00675EPSS
Exploits0References1
Prion
Prion
added 2021/11/30 9:15 p.m.13 views

Design/Logic Flaw

Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. A remote malicious user may potentially exploit this vulnerability to gain sensitive information...

4CVSS6.6AI score0.00675EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/11/30 8:40 p.m.40 views

CVE-2021-36329

CVE-2021-36329 affects Dell EMC Streaming Data Platform prior to 1.3, where an Indirect Object Reference vulnerability could let a remote attacker obtain sensitive information. Multiple sources corroborate the impact as disclosure of information via indirect access. The vulnerability is documente...

6.5CVSS6.6AI score0.00675EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/30 8:40 p.m.19 views

CVE-2021-36329

Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. A remote malicious user may potentially exploit this vulnerability to gain sensitive information...

6.5CVSS6.8AI score0.00675EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/11/30 12:0 a.m.5 views

Dell Emc Streaming Data Platform 安全漏洞

Dell Emc Streaming Data Platform is a Dell platform for ingesting, storing and analyzing continuous streaming data in real time. A security vulnerability exists in the Dell Emc Streaming Data Platform that originates from the inclusion of an indirect object reference, which can be exploited by an...

6.5CVSS5.6AI score0.00675EPSS
Exploits0References1
NVD
NVD
added 2020/06/04 4:15 p.m.23 views

CVE-2020-13815

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It allows stack consumption via a loop of an indirect object reference...

7.5CVSS7.5AI score0.0153EPSS
Exploits0References1
Prion
Prion
added 2020/06/04 4:15 p.m.15 views

Design/Logic Flaw

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It allows stack consumption via a loop of an indirect object reference...

5CVSS7.4AI score0.0153EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2020/06/04 3:37 p.m.52 views

CVE-2020-13815

CVE-2020-13815 affects Foxit Reader and PhantomPDF prior to version 9.7.1. The issue is a stack-consumption vulnerability caused by a loop over an indirect object reference in the affected PDF processing path. Impact, as described, is a memory/stack exhaustion scenario; no explicit exploitation d...

7.5CVSS7.4AI score0.0153EPSS
Exploits0References1Affected Software2
AlpineLinux
AlpineLinux
added 2020/06/04 3:37 p.m.19 views

CVE-2020-13815

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It allows stack consumption via a loop of an indirect object reference...

7.5CVSS6.8AI score0.0153EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2020/02/27 3:56 a.m.64 views

RSAC 2020: Smart Baby Monitor Vulnerable to Remote Hackers

SAN FRANCISCO – Researchers have discovered a slew of security vulnerabilities in a popular baby monitor, which if exploited allows attackers to remotely access the camera’s video footage. The vulnerabilities were discovered in the iBaby Monitor M6S connected baby camera by researchers with...

1.1AI score
Exploits0References7
Hacker One
Hacker One
added 2016/08/15 2:45 a.m.21 views

Harvest: Unauthorized read access to Invoices by PM (Access control Issues)

Hi Team, Description : Project Manager have access to limited projects and corresponding Invoices. But he can view any private Invoices of the company which he doesn't have access to. Sending Invoice Request is Vulnerable to Indirect Object Reference Attack. Any Unprivileged Project manager can...

0.5AI score
Exploits0
Rows per page
Query Builder