69 matches found
CVE-2024-45082
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displaye...
IBM Cognos Analytics 安全漏洞
IBM Cognos Analytics is a suite of business intelligence software from International Business Machines IBM. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decision-making by analyzing such things as key factors versus key people. A security...
PT-2025-3042 · Apple · Ipados +4
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.2 watchOS versions prior to 11.2 tvOS versions prior to 18.2 iOS versions prior to 18.2 iPadOS versions prior to 18.2 Description: The issue is related to a buffer memory out-of-bounds write. It may allow an attacke...
CVE-2023-39129 affecting package gdb for versions less than 11.2-3
CVE-2023-39129 affecting package gdb for versions less than 11.2-3. A patched version of the package is available...
CVE-2023-39130 affecting package gdb for versions less than 11.2-3
CVE-2023-39130 affecting package gdb for versions less than 11.2-3. A patched version of the package is available...
CVE-2024-8149
There is a reflected Cross‑Site Scripting XSS vulnerability in Esri Portal for ArcGIS versions 11.1 and 11.2 that may allow a remote, authenticated attacker with low‑privileged access to create a crafted link which, when clicked, could potentially execute arbitrary JavaScript code in the victim’s...
IBM Cognos Analytics 11.2.x < 11.2.4 FP4 Interim Fix 2 / 12.0.x < 12.0.3 Interim Fix 2 (7160700)
The version of IBM Cognos Analytics installed on the remote host is either prior to 11.2.4 FP4 Interim Fix 2 or i 12.0.3 Interim Fix 2. It is, therefore, affected by an exposed API key as referenced in the IBM Security Bulletin No. 7160700: - A local attacker could obtain sensitive information in...
CVE-2023-3920 Incorrect Authorization in GitLab
An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible that a maintainer to create a fork relationship between existing projects contrary to the...
CVE-2023-3920
Removed by vendor...
CVE-2023-39374
ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element...
CVE-2023-39374 ForeScout NAC SecureConnector – CWE-427: Uncontrolled Search Path Element
ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element...
CVE-2023-39374 ForeScout NAC SecureConnector – CWE-427: Uncontrolled Search Path Element
ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element...
IBM Cognos Analytics Cross-Site Scripting Vulnerability (CNVD-2023-41887)
IBM Cognos Analytics is a suite of business intelligence software from International Business Machines IBM. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A cross-site scripti...
GitLab 11.1.x - 11.1.7, 11.2.x - 11.2.4, 11.3.x - 11.3.1 Information Disclosure Vulnerability
GitLab is prone to an exposure of sensitive information to an unauthorized actor vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
ManageEngine ServiceDesk Plus Multiple Versions Authentication Bypass
Zoho ManageEngine ServiceDesk Plus versions 11.3 before 11302, 11.2 before 11208, 11.1 before 11145 and 11.0 before 11012 are vulnerable to authentication bypass that allows a few REST-API URLs without authentication. Note that Nessus has not tested for this issue but has instead relied only on t...
Cross site scripting
IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, and 11.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
Security Bulletin: IBM Security Guardium is affected by a Missing Security Control vulnerability
Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2018-1501 DESCRIPTION: IBM Security Guardium EcoSystem could allow an unauthorized user to obtain sensitive information due to missing security controls. CVSS Base score: 5.3 CVSS Temporal Score: See:...
IBM Security Guardium 安全漏洞
IBM Security Guardium is a comprehensive data protection solution that provides comprehensive data security capabilities from compliance support to dynamic data shielding. An information disclosure vulnerability exists in IBM Security Guardium version 11.2. The vulnerability stems from a dependen...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Guardium
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Security Guardium. These issues were disclosed as part of the IBM Java SDK updates in July 2020 Vulnerability Details CVEID: CVE-2020-4688 DESCRIPTION: IBM Security Guardium could allow a local...
Security Bulletin: IBM Security Guardium is affected by a Privilege Escalation vulnerability (CVE-2020-4952)
Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2020-4952 DESCRIPTION: IBM Security Guardium could allow an authenticated user to gain root access due to improper access control. CVSS Base score: 8.8 CVSS Temporal Score: See:...