Lucene search
K

696 matches found

myhack58
myhack58
added 2015/04/16 12:0 a.m.18 views

Microsoft patch day 2015-4-14: the repair of many high-risk IE, Windows, Office vulnerabilities-vulnerability warning-the black bar safety net

Monthly the second Tuesday, Microsoft fixed the patch to fix the day, Microsoft on Tuesday(2015-4-14 the“patch day”on repairing a large number of vulnerabilities, which includes many IE, Windows, Office, high-risk vulnerabilities. Update announcement MS15-0 3 4 announcement MS15-0 3 4 announcemen...

1AI score
Exploits0
NVD
NVD
added 2014/02/01 3:55 p.m.18 views

CVE-2014-0833

The OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 does not properly enforce operator-intervention requirements, which allows remote authenticated users to bypass intended access restrictions via an unspecified process step...

5.5CVSS6AI score0.01107EPSS
Exploits0References3
NVD
NVD
added 2014/02/01 3:55 p.m.21 views

CVE-2014-0830

Directory traversal vulnerability in the table-export implementation in the OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 and 2.1 before 2.1.0.1 allows remote authenticated users to read arbitrary files via a modified pathname...

4CVSS6AI score0.01441EPSS
Exploits0References2
NVD
NVD
added 2014/02/01 3:55 p.m.24 views

CVE-2014-0831

Cross-site request forgery CSRF vulnerability in the OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that modify configuration data...

6.8CVSS7AI score0.00636EPSS
Exploits0References3
Prion
Prion
added 2014/02/01 3:55 p.m.17 views

Directory traversal

Directory traversal vulnerability in the table-export implementation in the OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 and 2.1 before 2.1.0.1 allows remote authenticated users to read arbitrary files via a modified pathname...

4CVSS6.5AI score0.01441EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2014/02/01 3:55 p.m.13 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that modify configuration data...

6.8CVSS7.5AI score0.00636EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2014/02/01 3:55 p.m.17 views

Design/Logic Flaw

The OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 does not properly enforce operator-intervention requirements, which allows remote authenticated users to bypass intended access restrictions via an unspecified process step...

5.5CVSS6.5AI score0.01107EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2014/02/01 3:55 p.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in configuration-details screens in the OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted text value...

3.5CVSS5.4AI score0.00759EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/02/01 3:0 p.m.20 views

CVE-2014-0831

Cross-site request forgery CSRF vulnerability in the OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that modify configuration data...

7AI score0.00636EPSS
Exploits0References3
Cvelist
Cvelist
added 2014/02/01 3:0 p.m.27 views

CVE-2014-0833

The OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 does not properly enforce operator-intervention requirements, which allows remote authenticated users to bypass intended access restrictions via an unspecified process step...

6AI score0.01107EPSS
Exploits0References3
CVE
CVE
added 2014/02/01 3:0 p.m.43 views

CVE-2014-0831

CVE-2014-0831: IBM Financial Transaction Manager (FTM) 2.0 OAC is vulnerable to Cross-Site Request Forgery. An authenticated attacker could trigger edits to configuration data. Affected product: FTM 2.0 (OAC). Root cause: CSRF in the OAC component. Impact: potential unauthorized configuration cha...

6.8CVSS7.2AI score0.00636EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2014/02/01 3:0 p.m.47 views

CVE-2014-0833

IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 is affected by CVE-2014-0833 where the OAC component does not properly enforce operator-intervention requirements, allowing an authenticated remote user to bypass intended access restrictions via an unspecified process step. The affected ...

5.5CVSS6.2AI score0.01107EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2014/02/01 3:0 p.m.49 views

CVE-2014-0832

IBM Financial Transaction Manager 2.0/2.1 OAC contains cross-site scripting vulnerabilities in the configuration-details screens. Root cause: injected JavaScript/HTML via crafted text values; impacts authenticated users viewing those records. CVSS base 3.5. Affected: FTM 2.0 (and 2.1). Remediatio...

3.5CVSS5.2AI score0.00759EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/02/01 3:0 p.m.21 views

CVE-2014-0832

Multiple cross-site scripting XSS vulnerabilities in configuration-details screens in the OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted text value...

5.2AI score0.00759EPSS
Exploits0References2
Cvelist
Cvelist
added 2014/02/01 3:0 p.m.22 views

CVE-2014-0830

Directory traversal vulnerability in the table-export implementation in the OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 and 2.1 before 2.1.0.1 allows remote authenticated users to read arbitrary files via a modified pathname...

6AI score0.01441EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2010/08/17 12:0 a.m.59 views

Microsoft Windows KTM Invalid Free With Reused Transaction GUID

Microsoft Windows KTM Invalid Free with reused transaction GUID ---------------------------------------------------------------------------- CVE-2010-1889 The Kernel Transaction Manager ktm was introduced in Windows Vista and has been included in subsequent versions of Windows. Microsoft describe...

7.2CVSS6.5AI score0.01973EPSS
Exploits6
Rows per page
Query Builder