CVE-2021-36328
Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A remote malicious user may potentially exploit this vulnerability to execute SQL commands to perform unauthorized actions and retrieve sensitive information from the database...
CVE-2021-36327
Dell EMC Streaming Data Platform versions before 1.3 contain a Server Side Request Forgery Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to perform port scanning of internal networks and make HTTP requests to an arbitrary domain of the attacker's choi...
CVE-2021-36326
Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface (UI). A remote unauthenticated attacker could potentially exploit this vulnerability, leading to a downgrade in the communications between the client and server into an unencrypted forma...
Design/Logic Flaw
Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. A remote malicious user may potentially exploit this vulnerability to gain sensitive information...
Format string
Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface (UI). A remote unauthenticated attacker could potentially exploit this vulnerability, leading to a downgrade in the communications between the client and server into an unencrypted forma...
Session fixation
Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to reuse old session artifacts to impersonate a legitimate user...
CVE-2021-36330
Dell EMC Streaming Data Platform versions before 1.3 are affected by an Insufficient Session Expiration vulnerability. A remote unauthenticated attacker could reuse old session artifacts to impersonate a legitimate user. A Dell-issued security update (DSA-2021-205) exists to address third-party ...
CVE-2021-36330
Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to reuse old session artifacts to impersonate a legitimate user...
CVE-2021-36329
CVE-2021-36329 affects Dell EMC Streaming Data Platform prior to 1.3, where an Indirect Object Reference vulnerability could let a remote attacker obtain sensitive information. Multiple sources corroborate the impact as disclosure of information via indirect access. The vulnerability is documente...
CVE-2021-36329
Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. A remote malicious user may potentially exploit this vulnerability to gain sensitive information...
CVE-2021-36328
CVE-2021-36328 corresponds to a SQL Injection vulnerability in Dell EMC Streaming Data Platform, affecting versions before 1.3. The flaw arises from a database‑level input handling issue that allows an attacker to execute arbitrary SQL commands, potentially performing unauthorized actions and exp...
CVE-2021-36327
Dell EMC Streaming Data Platform versions before 1.3 are affected by a Server-Side Request Forgery (SSRF) vulnerability. An unauthenticated remote attacker could trigger SSRF to perform internal network port scans and issue HTTP requests to arbitrary external domains. A fix is available via Dell ...
CVE-2021-36326
CVE-2021-36326: Dell EMC Streaming Data Platform versions prior to 1.3 expose an SSL Strip vulnerability in the UI, enabling a remote unauthenticated attacker to downgrade client–server communications to an unencrypted form. Affected component: UI for streaming data platform; root cause: unencryp...
Dell Emc Streaming Data Platform security vulnerability
Dell Emc Streaming Data Platform is a Dell platform for ingesting, storing and analyzing continuous streaming data in real time. A security vulnerability exists in the Dell Emc Streaming Data Platform that originates from the inclusion of an indirect object reference, which can be exploited by an...
Dell Emc Streaming Data Platform security vulnerability
Dell Emc Streaming Data Platform is a platform from Dell (USA) for ingesting, storing and analyzing continuous streaming data in real time. communication to an unencrypted format...
USN-3598-1 curl vulnerabilities
Phan Thanh discovered that curl incorrectly handled certain FTP paths. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2018-1000120) Dario Weisser discovered that curl incorrectly handled certain LDAP URLs. An attacker could possibly use this issue t...
CVE-2014-0075
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunke...