Lucene search
K

4195 matches found

OSV
OSV
added 2020/01/14 6:15 p.m.1 views

CVE-2020-6306

Missing authorization check in a transaction within SAP Leasing update provided in SAPAPPL 6.18, EA-APPL 6.0, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16 and 6.17...

2.7CVSS5.8AI score0.00596EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/01/06 2:46 p.m.113 views

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

6.5CVSS7.1AI score0.03133EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/01/06 2:16 p.m.115 views

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

6.5CVSS7.1AI score0.03133EPSS
Exploits0References5
OSV
OSV
added 2019/12/27 12:32 p.m.17 views

SUSE-SU-2019:3389-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-16746: There was an issue in net/wireless/nl80211.c where the kernel did not check the length of variable elements in a beacon head, leading to a buffer...

10CVSS9.3AI score0.16908EPSS
Exploits2References127
CNVD
CNVD
added 2019/12/21 12:0 a.m.1 views

IBM Financial Transaction Manager for SWIFT Services Clickjacking Vulnerability

IBM Financial Transaction Manager for SWIFT Services is a financial transaction manager product from IBM in the United States. The product is primarily used for monitoring, tracking and reporting financial payments and transactions. A clickjacking vulnerability exists in IBM Financial Transaction...

6.1CVSS6.8AI score0.00897EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/21 12:0 a.m.3 views

IBM Financial Transaction Manager for SWIFT Services Cross-Site Scripting Vulnerability

IBM Financial Transaction Manager for SWIFT Services is a financial transaction manager product from IBM, USA. The product is primarily used for monitoring, tracking and reporting financial payments and transactions. A cross-site scripting vulnerability exists in IBM Financial Transaction Manager...

6.1CVSS6.4AI score0.00754EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/21 12:0 a.m.2 views

IBM Financial Transaction Manager for SWIFT Services Cross-Site Request Forgery Vulnerability

IBM Financial Transaction Manager for SWIFT Services is a financial transaction manager product from IBM, USA. The product is primarily used for monitoring, tracking and reporting financial payments and transactions. A cross-site request forgery vulnerability exists in IBM Financial Transaction...

4.3CVSS6.9AI score0.00403EPSS
Exploits0References1
OSV
OSV
added 2019/12/20 5:15 p.m.4 views

CVE-2019-4744

IBM Financial Transaction Manager 3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172882...

6.1CVSS5.4AI score0.00754EPSS
Exploits0References2
NVD
NVD
added 2019/12/20 5:15 p.m.22 views

CVE-2019-4742

IBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks agains...

6.1CVSS6.1AI score0.00897EPSS
Exploits0References2
NVD
NVD
added 2019/12/20 5:15 p.m.16 views

CVE-2019-4744

IBM Financial Transaction Manager 3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172882...

6.1CVSS5.8AI score0.00754EPSS
Exploits0References2
OSV
OSV
added 2019/12/20 5:15 p.m.1 views

CVE-2019-4736

IBM Financial Transaction Manager 3.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 172706...

4.3CVSS6AI score0.00403EPSS
Exploits0References2
NVD
NVD
added 2019/12/20 5:15 p.m.23 views

CVE-2019-4736

IBM Financial Transaction Manager 3.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 172706...

4.3CVSS4.7AI score0.00403EPSS
Exploits0References2
OSV
OSV
added 2019/12/20 5:15 p.m.3 views

CVE-2019-4742

IBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks agains...

6.1CVSS6.6AI score0.00897EPSS
Exploits0References2
NVD
NVD
added 2019/12/20 5:15 p.m.21 views

CVE-2019-4743

IBM Financial Transaction Manager 3.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link...

4.3CVSS4.1AI score0.0063EPSS
Exploits0References2
Prion
Prion
added 2019/12/20 5:15 p.m.17 views

Cross site scripting

IBM Financial Transaction Manager 3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172882...

4.3CVSS5.6AI score0.00754EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/12/20 5:15 p.m.15 views

Cross site request forgery (csrf)

IBM Financial Transaction Manager 3.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 172706...

4.3CVSS4.7AI score0.00403EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/12/20 5:15 p.m.18 views

Design/Logic Flaw

IBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks agains...

4.3CVSS6.1AI score0.00897EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/12/20 5:15 p.m.20 views

Authorization

IBM Financial Transaction Manager 3.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link...

4.3CVSS4.1AI score0.0063EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/12/20 4:25 p.m.65 views

CVE-2019-4744

IBM Financial Transaction Manager for SWIFT Services 3.0.0 (Multiplatforms) is affected by CVE-2019-4744, a cross-site scripting vulnerability in the Web UI that could allow an attacker to inject arbitrary JavaScript and potentially disclose credentials in a trusted session. Remediation: install ...

6.1CVSS5.9AI score0.00754EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/12/20 4:25 p.m.23 views

CVE-2019-4744

IBM Financial Transaction Manager 3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172882...

6.1CVSS5.8AI score0.00754EPSS
Exploits0References2
Rows per page
Query Builder