Lucene search
K

57 matches found

CNNVD
CNNVD
added 2023/01/20 12:0 a.m.4 views

Database Performance Analyzer 跨站脚本漏洞

SolarWinds Database Performance Analyzer Dpa is a database performance analyzer from SolarWinds, Inc. It is used to monitor, diagnose, and resolve performance issues with many types of database instances. A cross-site scripting vulnerability exists in Database Performance Analyzer DPA version...

5.4CVSS5.3AI score0.00398EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/01/20 12:0 a.m.4 views

Database Performance Analyzer 安全漏洞

SolarWinds Database Performance Analyzer Dpa is a database performance analyzer from SolarWinds, Inc. It is used to monitor, diagnose, and resolve performance issues with many types of database instances. A security vulnerability exists in Database Performance Analyzer DPA version 2022.4 and...

7.5CVSS7.3AI score0.00412EPSS
Exploits0References3
CNVD
CNVD
added 2021/10/25 12:0 a.m.12 views

SolarWinds Database Performance Analyzer Cross-Site Scripting Vulnerability

Solarwinds SolarWinds Database Performance Analyzer is a database performance analyzer from SolarWinds, Inc. The product is used for SQL query performance monitoring, analysis, tuning, etc. A security vulnerability exists in SolarWinds Database Performance Analyzer v2021.3.7388, which stems from ...

5.5CVSS0.7AI score0.00558EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/01/20 12:0 a.m.5 views

The vulnerability of the software for monitoring performance of SolarWinds Database Performance Analyzer (DPA) arises from the lack of protective measures for the website structure, allowing a perpetrator to carry out a cross-site scripting attack.

The vulnerability of the software for monitoring the performance of SolarWinds Database Performance Analyzer is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute a cross-site scripting attack remotely...

5.4CVSS5.7AI score0.01359EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/01/19 12:0 a.m.5 views

The vulnerability of D-Link DSR-150, DSR-150N, DSR-250, DSR-250N, DSR-500, DSR-500N, DSR-500AC, DSR-1000, DSR-1000N, and DSR-1000AC router microprogramming systems lies in the deficiencies in the algorithm for calculating the checksum. This vulnerability allows attackers to exploit their privileges and execute arbitrary code.

The vulnerability of the software for monitoring the performance of SolarWinds Database Performance Analyzer is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute a cross-site scripting attack remotely...

9CVSS7.4AI score0.01236EPSS
Exploits0References2Affected Software10
CNVD
CNVD
added 2020/12/21 12:0 a.m.3 views

SolarWinds Database Performance Analyzer Cross-Site Scripting Vulnerability

SolarWinds Database Performance Analyzer is a set of database performance analyzers from SolarWinds Solarwinds, USA. The product is used for SQL query performance monitoring, analysis and tuning and so on. A cross-site scripting vulnerability exists in SolarWinds Database Performance Analyzer DPA...

5.4CVSS6.8AI score0.01359EPSS
Exploits0References1
OSV
OSV
added 2020/12/15 11:15 p.m.2 views

CVE-2018-16243

SolarWinds Database Performance Analyzer DPA 11.1.468 and 12.0.3074 have several persistent XSS vulnerabilities, related to logViewer.iwc, centralManage.cen, userAdministration.iwc, database.iwc, alertManagement.iwc, eventAnnotations.iwc, and central.cen...

5.4CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2020/12/15 11:15 p.m.24 views

CVE-2018-16243

SolarWinds Database Performance Analyzer DPA 11.1.468 and 12.0.3074 have several persistent XSS vulnerabilities, related to logViewer.iwc, centralManage.cen, userAdministration.iwc, database.iwc, alertManagement.iwc, eventAnnotations.iwc, and central.cen...

5.4CVSS5.3AI score0.01359EPSS
Exploits0References1
OSV
OSV
added 2019/08/14 8:15 p.m.4 views

CVE-2018-19386

SolarWinds Database Performance Analyzer 11.1.457 contains an instance of Reflected XSS in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI...

6.1CVSS5.8AI score0.09044EPSS
Exploits1References2
NVD
NVD
added 2019/08/14 8:15 p.m.14 views

CVE-2018-19386

SolarWinds Database Performance Analyzer 11.1.457 contains an instance of Reflected XSS in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI...

6.1CVSS6.1AI score0.09044EPSS
Exploits1References2
Prion
Prion
added 2019/08/14 8:15 p.m.13 views

Cross site scripting

SolarWinds Database Performance Analyzer 11.1.457 contains an instance of Reflected XSS in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI...

4.3CVSS5.9AI score0.09044EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2019/08/14 7:30 p.m.75 views

CVE-2018-19386

SolarWinds Database Performance Analyzer 11.1.457 contains a reflected XSS in idcStateError where the page parameter is reflected into the HREF of the “Try Again” button at /iwc/idcStateError.iwc?page=. Exploitation would execute script in the victim’s browser, potentially enabling session hijack...

6.1CVSS6AI score0.09044EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/05/24 12:0 a.m.3 views

The vulnerability of the Intel Graphics Performance Analyzer’s set of utilities stems from deficiencies in access control mechanisms, allowing attackers to exploit these vulnerabilities to enhance their privileges.

The vulnerability of the Intel Graphics Performance Analyzer utility is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.7CVSS7.2AI score0.00392EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/04/17 6:29 p.m.3 views

CVE-2019-0158

Insufficient path checking in the installation package for IntelR Graphics Performance Analyzer for Linux version 18.4 and before may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS5.8AI score0.00392EPSS
Exploits0References2
CVE
CVE
added 2019/04/17 5:2 p.m.72 views

CVE-2019-0158

CVE-2019-0158 affects Intel® Graphics Performance Analyzer for Linux (GPA) 18.4 and earlier. Root cause: insufficient path checking in the GPA installation package, enabling an authenticated local user to potentially escalate privileges. Impact per Intel advisory: local escalation with high impac...

7.8CVSS7.7AI score0.00392EPSS
Exploits0References2Affected Software1
Intel
Intel
added 2019/04/09 12:0 a.m.41 views

Intel® Graphics Performance Analyzer for Linux Advisory

Summary: A potential security vulnerability in Intel® Graphics Performance Analyzer for Linux may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2019-0158 Description: Insufficient path checking in the...

7.8CVSS7.6AI score0.00392EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2019/01/10 12:0 a.m.18 views

Microsoft Visual Studio wpa Protocol XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Visual Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

4.3CVSS1.4AI score
Exploits0References1
Rows per page
Query Builder