Lucene search
+L

141 matches found

CNNVD
CNNVD
added 2022/08/01 12:0 a.m.3 views

IBM CICS TX 跨站请求伪造漏洞

IBM CICS TX Advanced is a comprehensive, single transaction runtime package from IBM USA, Inc. It can provide a cloud-native deployment model for standalone applications. IBM CICS TX Advanced version 11.1 contains a security vulnerability that stems from a lack of authentication measures or...

8.8CVSS5.6AI score0.00383EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/07/08 12:0 a.m.5 views

PT-2022-22117 · Ibm · Ibm Cics Tx Standard +1

Name of the Vulnerable Software and Affected Versions: IBM CICS TX Standard and Advanced version 11.1 Description: The issue is caused by improper validation of input by the HOST headers, leading to HTTP header injection. This could allow an attacker to conduct various attacks against the...

5.5CVSS5.4AI score0.00693EPSS
Exploits0References5
NVD
NVD
added 2022/07/01 4:15 p.m.21 views

CVE-2022-2250

An open redirect vulnerability in GitLab EE/CE affecting all versions from 11.1 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows an attacker to redirect users to an arbitrary location if they trust the URL...

6.1CVSS0.01518EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/07/01 3:3 p.m.30 views

CVE-2022-2250

An open redirect vulnerability in GitLab EE/CE affecting all versions from 11.1 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows an attacker to redirect users to an arbitrary location if they trust the URL...

4.7CVSS6.4AI score0.01518EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/03/28 12:0 a.m.21 views

GitLab 11.1.x - 11.1.7, 11.2.x - 11.2.4, 11.3.x - 11.3.1 Information Disclosure Vulnerability

GitLab is prone to an exposure of sensitive information to an unauthorized actor vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.5CVSS7.4AI score0.01166EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2022/02/08 12:0 a.m.24 views

IBM DB2 9.7 < 9.7.0 FP11 40985 / 10.1 < 10.1.0 FP6 40986 / 10.5 < 10.5.0 FP11 40988 / 11.1 < 11.1.4 FP6 40997 / 11.5 < 11.5.7 Information Disclosure (Unix)

According to its self-reported version number, IBM Db2 is affected by multiple vulnerabilities: - IBM Db2 is affected by an information disclosure vulnerability when using the LOAD utility as under certain circumstances the LOAD utility does not enforce directory restrictions. CVE-2021-20373 - IB...

8.7CVSS7AI score0.01482EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/02/04 12:0 a.m.60 views

ManageEngine ServiceDesk Plus Multiple Versions Authentication Bypass

Zoho ManageEngine ServiceDesk Plus versions 11.3 before 11302, 11.2 before 11208, 11.1 before 11145 and 11.0 before 11012 are vulnerable to authentication bypass that allows a few REST-API URLs without authentication. Note that Nessus has not tested for this issue but has instead relied only on t...

9.8CVSS8.3AI score0.99854EPSS
Exploits0References2
Prion
Prion
added 2021/11/08 5:15 p.m.14 views

Cross site scripting

IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, and 11.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

3.5CVSS5.2AI score0.00476EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2021/10/12 12:0 a.m.4 views

PT-2021-4691 · Foxit · Foxit Pdf Reader +2

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader versions prior to 11.1 Foxit PDF Editor versions prior to 11.1 Foxit PhantomPDF versions prior to 10.1.6 Description: The issue is related to a buffer overflow in memory, which can be exploited by a remote attacker to execute...

10CVSS7.9AI score0.01253EPSS
Exploits1References7
OSV
OSV
added 2021/09/16 4:15 p.m.2 views

CVE-2021-29763

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.1 and 11.5 under very specific conditions, could allow a local user to keep running a procedure that could cause the system to run out of memory.and cause a denial of service. IBM X-Force ID: 202267...

5.1CVSS6.5AI score0.00254EPSS
Exploits0References3
OSV
OSV
added 2021/09/01 3:15 p.m.3 views

CVE-2021-39817

Adobe Bridge version 11.1 and earlier is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability...

7.8CVSS6.3AI score0.02703EPSS
Exploits0References1
Prion
Prion
added 2021/09/01 3:15 p.m.14 views

Design/Logic Flaw

Adobe Bridge versions 11.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim mus...

4.3CVSS3.7AI score0.01779EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/09/01 3:15 p.m.13 views

Memory corruption

Adobe Bridge version 11.1 and earlier is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability...

9.3CVSS7.8AI score0.02705EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/08/17 12:0 a.m.6 views

Adobe Bridge 缓冲区错误漏洞

Adobe Bridge, a free digital asset management application from Adobe, is vulnerable to an out-of-bounds write vulnerability in Adobe Bridge 11.1 and earlier. An attacker could exploit the vulnerability to execute arbitrary code...

9.3CVSS6.1AI score0.02315EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/08/17 12:0 a.m.5 views

Adobe Bridge 缓冲区错误漏洞

Adobe Bridge is a free digital asset management application from Adobe. 11.1 and earlier versions of Adobe Bridge contain a memory out-of-bounds access vulnerability. An attacker could exploit the vulnerability to execute arbitrary code...

9.3CVSS6.1AI score0.02705EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/08/17 12:0 a.m.6 views

Adobe Bridge 缓冲区错误漏洞

Adobe Bridge is a free digital asset management application from Adobe. 11.1 and earlier versions of Adobe Bridge contain an out-of-bounds read vulnerability. An attacker could exploit the vulnerability to execute arbitrary code...

9.3CVSS6.1AI score0.03154EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/22 6:13 p.m.24 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Guardium

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Security Guardium. These issues were disclosed as part of the IBM Java SDK updates in July 2020 Vulnerability Details CVEID: CVE-2020-4688 DESCRIPTION: IBM Security Guardium could allow a local...

8.8CVSS1AI score0.01501EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/07 2:9 p.m.21 views

Security Bulletin: IBM Security Guardium is affected by a Privilege Escalation vulnerability (CVE-2020-4952)

Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2020-4952 DESCRIPTION: IBM Security Guardium could allow an authenticated user to gain root access due to improper access control. CVSS Base score: 8.8 CVSS Temporal Score: See:...

9CVSS0.9AI score0.01984EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/04 7:54 p.m.37 views

Security Bulletin: IBM Security Guardium is affected by a kernel vulnerability

Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2020-35513 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a flaw with incorrectly umask during file or directory modification in the NFS network file system function. By sending ...

4.9CVSS5.8AI score0.01347EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2021/06/02 12:0 a.m.7 views

IBM Cognos Analytics Cross-Site Scripting Vulnerability (CNVD-2021-38770)

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A cross-site scripting...

5.4CVSS6AI score0.0096EPSS
Exploits0References1
Rows per page
Query Builder