Lucene search
+L

117 matches found

ALT Linux
ALT Linux
added 2020/02/25 12:0 a.m.74 views

Security fix for the ALT Linux 8 package postgresql11-1C version 11.5-alt0.M80P.4

11.5-alt0.M80P.4 built Feb. 25, 2020 Alexei Takaseev in task 245913 Feb. 12, 2020 Alexei Takaseev - Fix priv checks for ALTER &LTobject DEPENDS ON EXTENSION Fixes CVE-2020-1720...

3.5CVSS6.9AI score0.01183EPSS
Exploits0
CNVD
CNVD
added 2020/01/23 12:0 a.m.5 views

Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability (CNVD-2020-04828)

Cisco Unified Communications Manager is the powerful call processing component of the Cisco Unified Communications solution. It is a scalable, distributable, and highly available enterprise Voice over IP call processing solution. A cross-site request forgery CSRF vulnerability exists in the Web...

8.8CVSS7.1AI score0.00536EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2019/12/30 9:24 p.m.44 views

CVE-2018-20489

Removed by vendor...

5.3CVSS6.7AI score0.00776EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/10/18 12:0 a.m.29 views

Cisco Unity Connection Cross-Site Request Forgery Vulnerability

Cross-site request forgery CSRF vulnerability in Cisco Unity Connection 11.50.98 allows remote attackers to hijack the authentication of arbitrary users. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid130013; scriptversion"1.3"; scriptcvsdate"Date: 2019/10/31...

6.8CVSS5.7AI score0.00981EPSS
Exploits0References3
Symantec
Symantec
added 2019/10/02 12:0 a.m.32 views

Cisco Unified Communications Manager CVE-2019-12715 Cross Site Scripting Vulnerability

Description Cisco Unified Communications Manager is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...

0.8AI score0.01057EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/09/25 7:15 p.m.22 views

CVE-2019-6655

On versions 13.0.0-13.1.0.1, 12.1.0-12.1.4.1, 11.6.1-11.6.4, and 11.5.1-11.5.9, BIG-IP platforms where AVR, ASM, APM, PEM, AFM, and/or AAM is provisioned may leak sensitive data...

5.3CVSS5.2AI score0.0106EPSS
Exploits0References2
ALT Linux
ALT Linux
added 2019/08/07 12:0 a.m.77 views

Security fix for the ALT Linux 10 package postgresql13 version 11.5-alt1

Aug. 7, 2019 Alexei Takaseev 11.5-alt1 - 11.5 Fixes CVE-2019-10208, CVE-2019-10209...

6.5CVSS6.8AI score0.0217EPSS
Exploits0
OSV
OSV
added 2019/07/10 5:15 p.m.24 views

CVE-2018-19578

GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that permits a user with Reporter privileges to view the Jaeger Tracing Operations page...

6.5CVSS6.5AI score
Exploits0References2
OSV
OSV
added 2019/07/10 5:15 p.m.14 views

CVE-2018-19582

GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user...

4.3CVSS6.5AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2019/07/10 5:15 p.m.29 views

CVE-2018-19578

GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that permits a user with Reporter privileges to view the Jaeger Tracing Operations page...

6.5CVSS6.8AI score0.00984EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2019/07/10 5:15 p.m.29 views

CVE-2018-19582

GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user...

4.3CVSS6.3AI score0.00839EPSS
Exploits0References2
CVE
CVE
added 2019/07/10 4:54 p.m.89 views

CVE-2018-19578

GitLab EE 11.5 before 11.5.1 is vulnerable to an insecure object reference that allows a user with Reporter privileges to view the Jaeger Tracing Operations page. Root cause: improper access control on the Jaeger operations page. Impact: exposure of tracing page content to users with limited perm...

6.5CVSS6.2AI score0.00984EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/07/10 4:54 p.m.27 views

CVE-2018-19578

GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that permits a user with Reporter privileges to view the Jaeger Tracing Operations page...

6.4AI score0.00984EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2019/07/10 4:52 p.m.42 views

CVE-2018-19579

Removed by vendor...

5.4CVSS6.4AI score0.00728EPSS
Exploits1
CVE
CVE
added 2019/07/10 4:45 p.m.78 views

CVE-2018-19582

CVE-2018-19582 affects GitLab Enterprise Edition (GitLab EE) on versions 11.4 before 11.4.8 and 11.5 before 11.5.1. The issue is an insecure direct object reference that could allow an unauthorized user to publish another user’s draft merge request comments. The connected documents confirm the af...

4.3CVSS4.6AI score0.00839EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/07/10 4:45 p.m.22 views

CVE-2018-19582

GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user...

5.1AI score0.00839EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/07/03 12:0 a.m.6 views

PT-2019-18215 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: F5 BIG-IP versions 11.5.1 through 11.6.4 F5 BIG-IP versions 12.1.0 through 12.1.4.1 F5 BIG-IP versions 13.0.0 through 13.1.1.4 F5 BIG-IP versions 14.0.0 through 14.0.0.4 F5 BIG-IP versions 14.1.0 through 14.1.0.5 Description: The issue allows...

4.4CVSS4.6AI score0.00347EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/19 11:10 p.m.19 views

Security Bulletin: IBM InfoSphere Data Quality Exception Console is affected by a Reflected XSS (Cross-Site Scripting) vulnerability

Summary A Reflected XSS Cross-Site Scripting vulnerability was addressed by IBM InfoSphere Data Quality Exception Console. Vulnerability Details CVEID: CVE-2019-4238 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to cross-site scripting. This vulnerability allows users to embed...

5.4CVSS1AI score0.00673EPSS
Exploits0Affected Software1
OSV
OSV
added 2019/04/18 2:29 a.m.6 views

CVE-2019-1837

A vulnerability in the User Data Services UDS API of Cisco Unified Communications Manager Unified CM could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the management GUI. The vulnerability is due to improper validation of input parameters in the UDS API...

7.5CVSS6.7AI score0.02443EPSS
Exploits0References2
CNVD
CNVD
added 2019/03/29 12:0 a.m.1 views

Micro Focus Solutions Business Manager Denial of Service Vulnerability

Micro Focus Solutions Business Manager SBM, Serena Business Manager is a suite of business process automation management solutions from Micro Focus UK. The product is mainly used for process automation, including software development lifecycle and IT business process management. A security...

7.5CVSS6.6AI score0.00697EPSS
Exploits0References1
Rows per page
Query Builder