Lucene search
+L

60 matches found

NVD
NVD
added 2022/09/02 8:15 p.m.17 views

CVE-2022-31196

Databasir is a database metadata management platform. Databasir = 1.06 has Server-Side Request Forgery SSRF vulnerability. The SSRF is triggered by a sending a single HTTP POST request to create a databaseType. By supplying a jdbcDriverFileUrl that returns a non 200 response code, the url is...

7.6CVSS0.00815EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2022/04/05 12:0 a.m.15 views

The vulnerability of the Exiv2 metadata management library, related to the execution of a loop with an unreachable exit condition, allows a hacker to cause a service failure.

The vulnerability of the Exiv2 media metadata management library lies in the execution of a loop with an unreachable exit condition. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created image file...

7.1CVSS6.7AI score0.01104EPSS
Exploits0References11Affected Software5
CNVD
CNVD
added 2021/05/14 12:0 a.m.7 views

Exiv2 Uninitialized Memory Read Vulnerability

Exiv2 is a cross-platform C++ library and command line utility for managing image metadata. An uninitialized memory read vulnerability exists in Exiv2 0.27.3 and earlier versions. An attacker can exploit the vulnerability to leak a few bytes of stack memory via specially crafted image files...

4.3CVSS6.5AI score0.01104EPSS
Exploits0References1
CNVD
CNVD
added 2021/05/10 12:0 a.m.11 views

Exiv2 out-of-bounds read vulnerability (CNVD-2021-33987)

Exiv2 is a cross-platform C++ library and command line utility for managing image metadata. An out-of-bounds read vulnerability exists in Exiv2 0.27.3 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service via specially crafted image files...

5.5CVSS6.6AI score0.01119EPSS
Exploits0References1
CNVD
CNVD
added 2021/04/27 12:0 a.m.11 views

Exiv2 out-of-bounds read vulnerability (CNVD-2021-31753)

Exiv2 is a cross-platform C++ library and command line utility for managing image metadata. An out-of-bounds read vulnerability exists in Exiv2 0.27.3 and earlier versions. An attacker can exploit this vulnerability to cause Exiv2 to crash via specially crafted image files...

2.6CVSS6.5AI score0.01677EPSS
Exploits0References1
CNVD
CNVD
added 2021/04/20 12:0 a.m.8 views

Exiv2 Out-of-Bounds Read Vulnerability

Exiv2 is a cross-platform C++ library and command line utility for managing image metadata. Exiv2 0.27.3 and earlier versions have an out-of-bounds read vulnerability when writing metadata to specially crafted image files. An attacker could exploit this vulnerability via a specially crafted image...

5.5CVSS6.5AI score0.01568EPSS
Exploits1References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Osprey <= 1.0 GetRecord.php Remote File Include Vulnerability

No description provided by source. --------------------------------------------------------------------------- Osprey = 1.0 libdir Remote File Include Vulnerability --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Security Team :...

7.1AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2014/04/17 12:0 a.m.28 views

CA ERwin Web Portal MIMM downloadScriptFile.do Information Disclosure Vulnerability

This vulnerability allows remote attackers to read nearly any system file, including database credentials, on a system with vulnerable installations of CA ERwin Web Portal's Meta Integration Metadata Management service. Authentication is not required to exploit this vulnerability. The specific fl...

7.1CVSS7AI score0.05289EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2014/04/17 12:0 a.m.26 views

CA ERwin Web Portal MIMM ConfigServiceProviderServlet Remote File Creation/Overwrite Vulnerability

This vulnerability allows remote attackers to overwrite arbitrary .xml files on a system with vulnerable installations of CA ERwin Web Portal's Meta Integration Metadata Management service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the "Meta...

9.4CVSS7.1AI score0.05289EPSS
Exploits1References1
NVD
NVD
added 2014/03/05 11:55 a.m.21 views

CVE-2013-6319

IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to bypass intended access restrictions and read content via unspecified vectors...

4CVSS6AI score0.00976EPSS
Exploits1References2
NVD
NVD
added 2014/03/05 11:55 a.m.23 views

CVE-2013-6333

Cross-site scripting XSS vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML...

3.5CVSS5AI score0.00765EPSS
Exploits1References2
NVD
NVD
added 2014/03/05 11:55 a.m.22 views

CVE-2013-6303

Directory traversal vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to read arbitrary files via unspecified...

4CVSS6.1AI score0.01453EPSS
Exploits1References2
NVD
NVD
added 2014/03/05 11:55 a.m.27 views

CVE-2013-6299

Cross-site scripting XSS vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML...

3.5CVSS5AI score0.00765EPSS
Exploits1References2
NVD
NVD
added 2014/03/05 11:55 a.m.22 views

CVE-2013-6302

SQL injection vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to execute arbitrary SQL commands via unspecified...

6.5CVSS7.6AI score0.00969EPSS
Exploits1References2
NVD
NVD
added 2014/03/05 11:55 a.m.23 views

CVE-2013-6320

Cross-site scripting XSS vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML...

3.5CVSS5AI score0.00765EPSS
Exploits1References2
NVD
NVD
added 2014/03/05 11:55 a.m.26 views

CVE-2013-6318

Cross-site scripting XSS vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote attackers to inject arbitrary web script or HTML via...

4.3CVSS5.6AI score0.00939EPSS
Exploits1References2
NVD
NVD
added 2014/03/05 11:55 a.m.15 views

CVE-2013-5468

IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, does not encrypt login requests, which allows remote attackers to obtain sensitive information by sniffing the...

5CVSS6AI score0.01183EPSS
Exploits0References2
Prion
Prion
added 2014/03/05 11:55 a.m.16 views

Directory traversal

Directory traversal vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to read arbitrary files via unspecified...

4CVSS6.5AI score0.01453EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2014/03/05 11:55 a.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML...

3.5CVSS5.3AI score0.00765EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2014/03/05 11:55 a.m.23 views

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML...

3.5CVSS5.3AI score0.00765EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder