Lucene search
K

79 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/12/19 3:33 p.m.39 views

Security Bulletin: IBM Security Guardium is affected by a denial of service vulnerability in Apache Struts (CVE-2023-34149)

Summary IBM Security Guardium has addressed this vulnerability with an update. Vulnerability Details CVEID:CVE-2023-34149 DESCRIPTION: Apache Struts is vulnerable to a denial of service, caused by a flaw with only handling setProperty but not getProperty. By sending a specially crafted request, a...

6.5CVSS5.5AI score0.05403EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/17 12:52 p.m.20 views

CVE-2023-22274 ZDI-CAN-21305: Adobe RoboHelp Server UpdateCommandStream XML External Entity Processing Information Disclosure Vulnerability

Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction...

7.5CVSS7.3AI score0.01458EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.6 views

PT-2023-7076 · Adobe · Robohelp Server

Name of the Vulnerable Software and Affected Versions: Adobe RoboHelp Server versions 11.4 and earlier Description: The issue is related to an Improper Restriction of XML External Entity Reference 'XXE' vulnerability. This could lead to information disclosure by an unauthenticated attacker...

8.5CVSS7.6AI score0.01458EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/19 7:52 p.m.66 views

Security Bulletin: IBM Security Guardium is affected by a denial of service vulnerability in MIT keb5 (CVE-2022-42898)

Summary IBM Security Guardium has fixed this vulnerability by upgrading the version of MIT krb5 that it uses. Vulnerability Details CVEID:CVE-2022-42898 DESCRIPTION: MIT krb5 is vulnerable to a denial of service, caused by an integer overflow in PAC parsing in the krb5parsepac function. By sendin...

8.8CVSS8.8AI score0.06419EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2023/08/29 12:0 a.m.14 views

IBM Security Guardium Command Execution Vulnerability (CNVD-2023-66736)

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A command execution vulnerability exists in IBM Security...

8.8CVSS7.6AI score0.01017EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/24 12:0 a.m.5 views

Assembly Software Trialworks 跨站脚本漏洞

Assembly Software Trialworks is a feature-rich legal case management platform built by experienced trial attorneys from Assembly Software USA. A security vulnerability exists in Assembly Software Trialworks version v11.4, which stems from the presence of a cross-site scripting XSS vulnerability...

6.1CVSS6.2AI score0.0038EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/07/24 12:0 a.m.3 views

PT-2023-26043 · Assembly · Trialworks

Name of the Vulnerable Software and Affected Versions: Assembly Software Trialworks version 11.4 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the asset src parameter. This enables the execution of...

6.1CVSS6.2AI score0.0038EPSS
Exploits1References4
Prion
Prion
added 2023/01/12 4:15 a.m.22 views

Code injection

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2. GitLab Pages allows redirection to arbitrary protocols...

5.8CVSS6.3AI score0.00403EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2023/01/12 12:0 a.m.29 views

CVE-2023-0042

Removed by vendor...

6.1CVSS6.3AI score0.00403EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/09/01 12:0 a.m.29 views

Apple Mac OS X Security Update (HT212529)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.9AI score0.84224EPSS
Exploits2References3
CNVD
CNVD
added 2022/07/01 12:0 a.m.25 views

IBM Security Guardium Cross-Site Scripting Vulnerability (CNVD-2022-54639)

IBM Security Guardium is a suite of data protection features from IBM. The platform includes features such as custom UI, report management, and streamlined audit process building. IBM Security Guardium version 11.4 has a cross-site scripting vulnerability that stems from allowing users to embed...

6.1CVSS2.1AI score0.00573EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/06/29 12:0 a.m.4 views

IBM Security Guardium 跨站脚本漏洞

IBM Security Guardium is a suite of data protection features from IBM. The platform includes features such as custom UI, report management, and streamlined audit process building. IBM Security Guardium version 11.4 has a cross-site scripting vulnerability that stems from allowing users to embed...

6.1CVSS5.6AI score0.00573EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/23 4:59 p.m.42 views

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2019-10086, CVE-2021-41617)

Summary IBM Security Guardium has fixed these vulnerabilities. Vulnerability Details CVEID: CVE-2021-41617 DESCRIPTION: OpenSSH could allow a local attacker to gain elevated privileges on the system, caused by an error in sshd when certain non-default configurations are used. By executing an...

7.5CVSS7.6AI score0.28839EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 10:23 a.m.17 views

Security Bulletin: IBM InfoSphere Master Data Management Reference Data Management Hub is affected by a user password being stored in plain text vulnerability (CVE-2017-1309)

Summary IBM InfoSphere Master Data Management Reference Data Management Hub has addressed the following vulnerability. IBM InfoSphere Master Data Management Reference Data Management Hub stores user credentials in plain text which can be read by a local user. Vulnerability Details CVEID:...

2.1CVSS0.8AI score0.00232EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 9:58 a.m.28 views

Security Bulletin: IBM InfoSphere Master Data Management Collaborative Edition affected by Privilege Escalation security vulnerabilities (CVE-2015-7424)

Summary IBM InfoSphere Master Data Management - Collaborative Edition is vulnerable to Privilege Escalation. Vulnerability Details CVEID: CVE-2014-7424 DESCRIPTION: Provide sufficient details for someone to tell if they have the problem, but not enough detail that someone with malicious intent...

5.4CVSS4.8AI score0.01342EPSS
Exploits0Affected Software1
UbuntuCve
UbuntuCve
added 2022/03/28 7:15 p.m.29 views

CVE-2022-0371

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 before 14.5.4, all versions starting from 14.6 before 14.6.4, all versions starting from 14.7 before 14.7.1. GitLab search may allow authenticated users to search other users by their respective private emails...

4.3CVSS5.8AI score0.0091EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/03/28 12:0 a.m.19 views

GitLab 8.10.x - 11.2.6, 11.3.x - 11.3.7, 11.4.x - 11.4.2 Information Disclosure Vulnerability

GitLab is prone to a cleartext storage of sensitive information vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS9.2AI score0.00932EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/01/03 12:0 a.m.8 views

Adobe Connect CSRF Vulnerability (APSB21-112)

Adobe Connect is prone to a cross-site request forgery CSRF vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/17 3:4 p.m.31 views

Security Bulletin: IBM Data Replication Java SDK Update

Summary This bulletin covers common Java SDK vulnerability findings in the IBM Java SDK packaged with this offering. Vulnerability Details CVEID: CVE-2020-27221 DESCRIPTION: Eclipse OpenJ9 is vulnerable to a stack-based buffer overflow when the virtual machine or JNI natives are converting from...

9.8CVSS1.6AI score0.01532EPSS
Exploits0Affected Software1
OSV
OSV
added 2021/09/08 3:15 p.m.0 views

CVE-2021-30713

A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4. A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited...

7.8CVSS7.1AI score0.0658EPSS
Exploits0References4
Rows per page
Query Builder