Lucene search
K

86 matches found

Prion
Prion
added 2022/10/19 4:15 p.m.22 views

Design/Logic Flaw

Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin 2.0.12 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins...

5CVSS5.3AI score0.00579EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/09/16 2:15 a.m.18 views

CVE-2022-34002

The ‘document’ parameter of PDS Vista 7’s /application/documents/display.aspx page is vulnerable to a Local File Inclusion vulnerability which allows an low-privileged authenticated attacker to leak the configuration files and source code of the web application...

6.5CVSS0.00892EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/09/16 2:15 a.m.2 views

CVE-2022-34002

The ‘document’ parameter of PDS Vista 7’s /application/documents/display.aspx page is vulnerable to a Local File Inclusion vulnerability which allows an low-privileged authenticated attacker to leak the configuration files and source code of the web application...

6.5CVSS6AI score0.00892EPSS
Exploits1References3
OSV
OSV
added 2022/09/16 2:15 a.m.4 views

CVE-2022-34002

The ‘document’ parameter of PDS Vista 7’s /application/documents/display.aspx page is vulnerable to a Local File Inclusion vulnerability which allows an low-privileged authenticated attacker to leak the configuration files and source code of the web application...

6.5CVSS5.8AI score0.00892EPSS
Exploits1References2
Prion
Prion
added 2022/09/16 2:15 a.m.26 views

Design/Logic Flaw

The ‘document’ parameter of PDS Vista 7’s /application/documents/display.aspx page is vulnerable to a Local File Inclusion vulnerability which allows an low-privileged authenticated attacker to leak the configuration files and source code of the web application...

4CVSS6.4AI score0.00892EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/09/16 1:55 a.m.27 views

CVE-2022-34002

The ‘document’ parameter of PDS Vista 7’s /application/documents/display.aspx page is vulnerable to a Local File Inclusion vulnerability which allows an low-privileged authenticated attacker to leak the configuration files and source code of the web application...

6.6AI score0.00892EPSS
Exploits1References2
CVE
CVE
added 2022/09/16 1:55 a.m.52 views

CVE-2022-34002

The CVE-2022-34002 issue affects PDS Vista 7 and concerns a Local File Inclusion vulnerability in the /application/documents/display.aspx endpoint, specifically the document parameter. A low-privileged authenticated attacker could leak configuration files and source code of the web application. A...

6.5CVSS6.4AI score0.00892EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.8 views

PT-2022-21962 · Pds Vista · Pds Vista

Name of the Vulnerable Software and Affected Versions: PDS Vista version 7 Description: The issue concerns a Local File Inclusion vulnerability in the document parameter of the "/application/documents/display.aspx" API endpoint. This allows a low-privileged authenticated attacker to leak...

6.5CVSS6.4AI score0.00892EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2022/08/10 12:0 a.m.9 views

The vulnerability of the Jenkins Compuware Source Code Download plugin for Endevor, PDS, and ISPW plugins is related to deficiencies in the authentication process, which allows attackers to gain unauthorized access to protected information.

The vulnerability of the Jenkins Compuware Source Code Download plugin for Endevor, PDS, and ISPW plugins is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

6.8CVSS6.6AI score0.00605EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/07/28 12:0 a.m.32 views

Jenkins Compuware Source Code Download is missing authorization

BMC Compuware Source Code Download for Endevor, PDS, and ISPW Plugin 2.0.12 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stor...

6.5CVSS6.6AI score0.00605EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2022/07/27 3:15 p.m.40 views

CVE-2022-36896

A missing permission check in Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin 2.0.12 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins...

6.5CVSS0.00605EPSS
Exploits0References2
CVE
CVE
added 2022/07/27 2:23 p.m.96 views

CVE-2022-36896

CVE-2022-36896 affects the Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin (versions 2.0.12 and earlier). The root cause is a missing permission check on several HTTP endpoints, enabling attackers with Overall/Read permission to enumerate Compuware hosts/ports and credent...

6.5CVSS6.4AI score0.00605EPSS
Exploits0References2Affected Software1
Exploit DB
Exploit DB
added 2021/02/08 12:0 a.m.479 views

Millewin 13.39.146.1 - Local Privilege Escalation

Exploit Title: Millewin 13.39.146.1 - Local Privilege Escalation Date: 2021-02-07 Author: Andrea Intilangelo Vendor Homepage: https://www.millewin.it Software Homepage: https://www.millewin.it/index.php/prodotti/millewin Software Link:...

8.8CVSS8.9AI score0.05794EPSS
Exploits3
Openbugbounty
Openbugbounty
added 2020/04/15 5:1 p.m.7 views

skipass-pds-ch.ch Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1143621 Security Researcher metamorfosec Helped patch 1957 vulnerabilities Received 9 Coordinated Disclosure badges Received 31 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting skipass-pds-ch.ch...

0.2AI score
Exploits0
vulnersOsv
vulnersOsv
added 2018/07/12 8:29 p.m.4 views

aequitas (>=0.26.0 <=0.42.0), codalab (>=0.5.29 <=0.5.52) +13 more potentially affected by CVE-2018-5773 via markdown2 (>=2.3.0 <=2.3.5)

markdown2 PYPI version =2.3.0, =0.26.0, =0.5.29, =3.8.3, =0.0.1, =0.7.0a1, =0.4.3, =2.1.0, =1.13.0, =2.1.0, =2.24.1, =4.2.0, =5.5.5 Source cves: CVE-2018-5773 Source advisory: OSV:GHSA-P6H9-GW49-RQM4...

6.1CVSS6.3AI score0.00812EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 10:31 p.m.24 views

Security Bulletin: Multiple Security Vulnerabilities in Certain GUI Components of IBM Algo Credit Limits.

Summary Abstract: Multiple security vulnerabilities exist in certain GUI components of IBM Algo Credit Limits, namely ACLM Web GUI, PDS Blotter Web GUI, and ACLM Win GUI. Details of each vulnerability and the affected components are set out below. Vulnerability Details DESCRIPTION: Customers who...

6.8CVSS0.8AI score0.0571EPSS
Exploits8Affected Software1
Cvelist
Cvelist
added 2015/01/02 8:0 p.m.27 views

CVE-2014-7294

Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter...

6.7AI score0.02036EPSS
Exploits1References3
CVE
CVE
added 2015/01/02 8:0 p.m.38 views

CVE-2014-7294

CVE-2014-7294 is an open redirect vulnerability in the logon page of Ex Libris Patron Directory Services (PDS) OpenSSO Integration 2.1 and earlier . The root cause is improper redirect handling in the login flow, allowing remote attackers to craft a URL with a redirect target in the url parameter...

5.8CVSS6.9AI score0.02036EPSS
Exploits1References3Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

HP-UX 10.x stmkfont Alternate Typeface Library Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/6836/info A buffer overflow vulnerability has been reported in the stmkfont utility shipped with HP-UX systems. The problem occurs due to insufficient bounds checking on user-suplied data to the alternate typeface library...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

HP-UX 10.x stmkfont Alternate Typeface Library Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/6836/info A buffer overflow vulnerability has been reported in the stmkfont utility shipped with HP-UX systems. The problem occurs due to insufficient bounds checking on user-suplied data to the alternate typeface library...

7.1AI score
Exploits0
Rows per page
Query Builder