CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4561 matches found

OSV•added 2021/08/10 7:15 p.m.•4 views

CVE-2021-21601

Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an Information Exposure in Log File Vulnerability in CIS. A local low privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be ab...

7.8CVSS5.8AI score0.00239EPSS

Exploits0References1

NVD•added 2021/08/10 7:15 p.m.•11 views

CVE-2021-21601

8.8CVSS0.00239EPSS

Exploits0References1

Prion•added 2021/08/10 7:15 p.m.•13 views

Design/Logic Flaw

2.1CVSS7.1AI score0.00239EPSS

Exploits0References1Affected Software2

CVE•added 2021/08/10 7:5 p.m.•41 views

CVE-2021-21601

CVE-2021-21601 concerns Dell EMC Data Protection Search (19.4 and earlier) and IDPA (2.6.1 and earlier). The vulnerability is described as an information exposure in a log file vulnerability within the CIS, enabling a local, low-privileged attacker to disclose certain user credentials and use the...

8.8CVSS7.1AI score0.00239EPSS

Exploits0References1Affected Software2

CNNVD•added 2021/08/10 12:0 a.m.•4 views

DELL EMC Data Protection Search 日志信息泄露漏洞

DELL EMC Data Protection Search is a scalable indexing and search appliance from Dell USA that integrates with Avamar and NetWorker. A log information disclosure vulnerability exists in Dell EMC Data Protection Search that stems from an information exposure vulnerability in a log file included in...

8.8CVSS7.3AI score0.00239EPSS

Exploits0References1

OSV•added 2021/07/31 6:15 p.m.•15 views

CVE-2021-37759

A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate privileges to the access level of the leaked session ID...

9.8CVSS7AI score

Exploits0References1

NVD•added 2021/07/31 6:15 p.m.•12 views

CVE-2021-37759

A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate privileges to the access level of the leaked session ID...

9.8CVSS0.01286EPSS

Exploits0References1

CVE•added 2021/07/31 5:35 p.m.•86 views

CVE-2021-37759

Graylog prior to 4.1.2 is affected by a Session ID leak in the DEBUG log file that allows an attacker to escalate privileges to the leaked session ID. Affected product: Graylog (before 4.1.2). Root cause: leakage of session IDs via DEBUG logs. Impact: potential privilege elevation with the leaked...

9.8CVSS9.5AI score0.01286EPSS

Exploits0References1Affected Software1

CNNVD•added 2021/07/15 12:0 a.m.•4 views

iDrive RemotePC 信任管理问题漏洞

iDrive RemotePC is remote control software from iDrive, Inc. A trust management issue vulnerability exists in iDrive RemotePC versions prior to 7.6.48 on Windows, where a locally authenticated attacker can read an encrypted version of the system's personal key in an owner-readable %PROGRAMDATA% l...

3.3CVSS5AI score0.00162EPSS

Exploits0References3

CNVD•added 2021/07/12 12:0 a.m.•12 views

Octopus Server Explicit Storage of Sensitive Information Vulnerability (CNVD-2021-59134)

Octopus Server is an automated deployment platform. Octopus Server is vulnerable to a plaintext storage of sensitive information, which stems from database passwords being written in plaintext to the OctopusServer.txt log file. No detailed vulnerability details are currently available...

7.5CVSS1.8AI score0.00858EPSS

Exploits0References1

OSV•added 2021/07/08 7:15 p.m.•4 views

CVE-2021-1574

Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation BPA could allow an authenticated, remote attacker to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforcement for specific features and for access to...

8.8CVSS7.3AI score0.01734EPSS

Exploits0References1

OSV•added 2021/07/08 11:15 a.m.•3 views

CVE-2021-31816