Lucene search
K

83 matches found

NVD
NVD
added 2021/11/30 9:15 p.m.12 views

CVE-2021-36328

Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A remote malicious user may potentially exploit this vulnerability to execute SQL commands to perform unauthorized actions and retrieve sensitive information from the database...

8.8CVSS0.00845EPSS
Exploits0References1
NVD
NVD
added 2021/11/30 9:15 p.m.13 views

CVE-2021-36327

Dell EMC Streaming Data Platform versions before 1.3 contain a Server Side Request Forgery Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to perform port scanning of internal networks and make HTTP requests to an arbitrary domain of the attacker's choi...

5.3CVSS0.01015EPSS
Exploits0References1
NVD
NVD
added 2021/11/30 9:15 p.m.13 views

CVE-2021-36326

Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface UI. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to a downgrade in the communications between the client and server into an unencrypted forma...

6.5CVSS0.01181EPSS
Exploits0References1
OSV
OSV
added 2021/11/30 9:15 p.m.3 views

CVE-2021-36326

Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface UI. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to a downgrade in the communications between the client and server into an unencrypted forma...

6.5CVSS6.7AI score0.01181EPSS
Exploits0References1
Prion
Prion
added 2021/11/30 9:15 p.m.13 views

Design/Logic Flaw

Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. A remote malicious user may potentially exploit this vulnerability to gain sensitive information...

4CVSS6.6AI score0.00675EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/11/30 9:15 p.m.19 views

Format string

Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface UI. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to a downgrade in the communications between the client and server into an unencrypted forma...

4.3CVSS6.4AI score0.01181EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/11/30 9:15 p.m.19 views

Session fixation

Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to reuse old session artifacts to impersonate a legitimate user...

7.5CVSS9.3AI score0.01157EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/11/30 8:40 p.m.44 views

CVE-2021-36330

Dell EMC Streaming Data Platform versions before 1.3 are affected by an Insufficient Session Expiration vulnerability. A remote unauthenticated attacker could reuse old session artifacts to impersonate a legitimate user. A Dell-emitted security update (DSA-2021-205) exists to address third-party ...

9.8CVSS9.4AI score0.01157EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/30 8:40 p.m.17 views

CVE-2021-36330

Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to reuse old session artifacts to impersonate a legitimate user...

8.1CVSS9.6AI score0.01157EPSS
Exploits0References1
CVE
CVE
added 2021/11/30 8:40 p.m.38 views

CVE-2021-36329

CVE-2021-36329 affects Dell EMC Streaming Data Platform prior to 1.3, where an Indirect Object Reference vulnerability could let a remote attacker obtain sensitive information. Multiple sources corroborate the impact as disclosure of information via indirect access. The vulnerability is documente...

6.5CVSS6.6AI score0.00675EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/30 8:40 p.m.13 views

CVE-2021-36329

Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. A remote malicious user may potentially exploit this vulnerability to gain sensitive information...

6.5CVSS6.8AI score0.00675EPSS
Exploits0References1
CVE
CVE
added 2021/11/30 8:40 p.m.38 views

CVE-2021-36328

CVE-2021-36328 corresponds to a SQL Injection vulnerability in Dell EMC Streaming Data Platform, affecting versions before 1.3. The flaw arises from a database‑level input handling issue that allows an attacker to execute arbitrary SQL commands, potentially performing unauthorized actions and exp...

8.8CVSS8.9AI score0.00845EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/30 8:40 p.m.17 views

CVE-2021-36328

Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A remote malicious user may potentially exploit this vulnerability to execute SQL commands to perform unauthorized actions and retrieve sensitive information from the database...

8.8CVSS9.2AI score0.00845EPSS
Exploits0References1
CVE
CVE
added 2021/11/30 8:40 p.m.37 views

CVE-2021-36327

Dell EMC Streaming Data Platform versions before 1.3 are affected by a Server-Side Request Forgery (SSRF) vulnerability. An unauthenticated remote attacker could trigger SSRF to perform internal network port scans and issue HTTP requests to arbitrary external domains. A fix is available via Dell ...

5.3CVSS5.4AI score0.01015EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/30 8:40 p.m.14 views

CVE-2021-36326

Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface UI. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to a downgrade in the communications between the client and server into an unencrypted forma...

6.5CVSS6.6AI score0.01181EPSS
Exploits0References1
CVE
CVE
added 2021/11/30 8:40 p.m.47 views

CVE-2021-36326

CVE-2021-36326: Dell EMC Streaming Data Platform versions prior to 1.3 expose an SSL Strip vulnerability in the UI, enabling a remote unauthenticated attacker to downgrade client–server communications to an unencrypted form. Affected component: UI for streaming data platform; root cause: unencryp...

6.5CVSS6.4AI score0.01181EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/11/30 12:0 a.m.5 views

Dell Emc Streaming Data Platform 安全漏洞

Dell Emc Streaming Data Platform is a Dell platform for ingesting, storing and analyzing continuous streaming data in real time. A security vulnerability exists in the Dell Emc Streaming Data Platform that originates from the inclusion of an indirect object reference, which can be exploited by an...

6.5CVSS5.6AI score0.00675EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/11/30 12:0 a.m.5 views

Dell Emc Streaming Data Platform 安全漏洞

Dell Emc Streaming Data Platform is a platform for ingesting, storing and analyzing continuous streaming data in real time from Dell USA. communication to an unencrypted format...

6.5CVSS6.5AI score0.01181EPSS
Exploits0References2
OSV
OSV
added 2018/03/15 12:2 p.m.3 views

USN-3598-1 curl vulnerabilities

Phan Thanh discovered that curl incorrectly handled certain FTP paths. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2018-1000120 Dario Weisser discovered that curl incorrectly handled certain LDAP URLs. An attacker could possibly use this issue t...

9.8CVSS6.7AI score0.12058EPSS
Exploits0References4
NVD
NVD
added 2014/05/31 11:17 a.m.23 views

CVE-2014-0075

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service resource consumption via a malformed chunk size in chunke...

5CVSS8AI score0.2006EPSS
Exploits1References48
Rows per page
Query Builder