Lucene search
K

313 matches found

OSV
OSV
added 2023/07/19 1:15 a.m.5 views

CVE-2023-35900

IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.4 and 23.0.0 through 23.0.5 is vulnerable to disclosing server version information which may be used to determine software vulnerabilities at the operating system level. IBM X-Force ID: 259368...

5.3CVSS5.8AI score0.00438EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/07/19 12:0 a.m.5 views

PT-2023-5439 · Ibm · Ibm Robotic Process Automation For Cloud Pak

Name of the Vulnerable Software and Affected Versions: IBM Robotic Process Automation for Cloud Pak versions 21.0.0 through 21.0.7.4 IBM Robotic Process Automation for Cloud Pak versions 23.0.0 through 23.0.5 Description: The issue is related to the disclosure of server version information, which...

5.3CVSS5.2AI score0.00438EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/07/19 12:0 a.m.5 views

IBM Robotic Process Automation 安全漏洞

IBM Robotic Process Automation is a robotic process automation product from International Business Machines IBM. IBM Robotic Process Automation suffers from an information disclosure vulnerability that stems from the program's tendency to disclose server version information, which can be exploite...

5.3CVSS5.9AI score0.00438EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/17 8:44 p.m.25 views

Security Bulletin: IBM InfoSphere Information Server is affected but not classified as vulnerable to multiple vulnerabilities in jackson-databind ( CVE-2022-42004, CVE-2022-42003)

Summary Multiple vulnerabilities in jackson-databind used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2022-42004 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in in the...

7.5CVSS7.6AI score0.02824EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/04/06 12:0 a.m.84 views

RHEL 8 : httpd:2.4 (RHSA-2023:1673)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1673 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP request splitting wi...

9.8CVSS7AI score0.8377EPSS
Exploits5References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.4 views

SUSE CVE-2007-1327

The SILCSERVERCMDFUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attackers to cause a denial of service NULL dereference and daemon crash via a request without a cipher algorithm and an invalid HMAC algorithm...

7.8CVSS6.8AI score0.09886EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:26 a.m.4 views

SUSE CVE-2014-8098

The GLX extension in XFree86 4.0, X.Org X Window System aka X11 or X X11R6.7, and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a crafted length or index valu...

6.5CVSS7.8AI score0.05192EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:29 a.m.2 views

SUSE CVE-2022-21525

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9CVSS5AI score0.01418EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/02/01 12:0 a.m.4 views

Trend Micro Apex One 代码问题漏洞

Trend Micro Apex One is an endpoint protection software from Trend Micro. A security vulnerability exists in Trend Micro Apex One server version 11110, which arises from the use of an incorrectly formatted Content-Length header in its HTTP PUT message that allows an unauthenticated, remote attack...

9.1CVSS8.7AI score0.59585EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/14 8:44 p.m.18 views

Security Bulletin: A clickjacking vulnerability in WebSphere Application Server Liberty affects IBM InfoSphere Information Server

Summary A clickjacking vulnerability in WebSphere Application Server Liberty that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2021-39038 DESCRIPTION: IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through...

5.4CVSS5AI score0.00689EPSS
Exploits0Affected Software1
NVD
NVD
added 2022/10/07 6:15 p.m.39 views

CVE-2022-21936

On Metasys ADX Server version 12.0 running MVE, an Active Directory user could execute validated actions without providing a valid password when using MVE SMP UI...

8.1CVSS0.00492EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/10/03 12:0 a.m.35 views

Mattermost Server 7.1.0 DoS (MMSA-2022-00115)

The version of Mattermost Server running on the remote host is 7.1.0. It is, therefore, affected by a denial of service DoS vulnerability. An authenticated, remote attacker can upload a specially crafted GIF file when creating a post which causes resource exhaustion on the host. Note that Nessus...

6.5CVSS6.5AI score0.01096EPSS
Exploits1References3
OSV
OSV
added 2022/08/17 9:15 p.m.4 views

CVE-2022-2337

A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22...

7.5CVSS5.8AI score0.01297EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/07/07 12:0 a.m.5 views

PT-2022-15647 · Unknown · Sante Pacs Server

Name of the Vulnerable Software and Affected Versions: Sante PACS Server version 3.0.4 Description: This issue allows remote attackers to bypass authentication on affected installations. The flaw exists within the processing of calls to the "login endpoint". When parsing the username element, the...

9.8CVSS9.7AI score0.02379EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/06/29 12:0 a.m.4 views

PT-2022-7986 · Trueconf · Trueconf Server

Name of the Vulnerable Software and Affected Versions: TrueConf Server version 4.3.7 Description: A vulnerability was found in an unknown functionality of the file /admin/group, leading to basic cross site scripting DOM. The attack can be launched remotely. The exploit has been disclosed to the...

5.4CVSS5.2AI score0.00577EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2022/06/29 12:0 a.m.7 views

PT-2022-7987 · Trueconf · Trueconf Server

Name of the Vulnerable Software and Affected Versions: TrueConf Server version 4.3.7 Description: A problematic issue affects some unknown functionality of the file "/admin/conferences/list/". The manipulation of the argument domxss leads to basic cross site scripting DOM. The attack may be...

5.4CVSS5.3AI score0.00577EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2022/06/24 12:15 p.m.3 views

CVE-2021-41638

The authentication checks of the MELAG FTP Server in version 2.2.0.4 are incomplete, which allows a remote attacker to access local files only by using a valid username...

7.5CVSS7.2AI score0.01577EPSS
Exploits1References2
Microsoft KB
Microsoft KB
added 2022/06/23 12:0 a.m.7 views

June 23, 2022—KB5014665 (OS Build 20348.803) Preview

June 23, 2022—KB5014665 OS Build 20348.803 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out...

7.3AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/06/14 10:15 a.m.4 views

CVE-2022-32259

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.1. The system images for installation or update of the affected application contain unit test scripts with sensitive information. An attacker could gain information about testing architecture and also tamper with...

6.5CVSS5.4AI score0.00597EPSS
Exploits0References3
OSV
OSV
added 2022/06/14 10:15 a.m.6 views

CVE-2022-32253

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.1. Due to improper input validation, the OpenSSL certificate's password could be printed to a file reachable by an attacker...

7.5CVSS7AI score0.00571EPSS
Exploits0References2
Rows per page
Query Builder