OpenProject 信息泄露漏洞

OpenProject is a web-based project management software from OpenProject open source. An information disclosure vulnerability exists in OpenProject versions 11.2.1 through prior to 16.6.2, which originates from an error page that discloses username information and could lead to account enumeration...

PT-2022-20206 · Ibm · Ibm Cognos Analytics

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.1.7 through 11.2.1 Description: The issue is a denial of service vulnerability via email flooding caused by sending a specially-crafted request. A remote attacker could exploit this to cause the server to...

IBM Cognos Analytics 跨站请求伪造漏洞

IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation of the United States. IBM Cognos Analytics versions 11.1.7, 11.2.0 and 11.2.1 contain a security vulnerability that allows an attacker to perform malicious and unauthorized actions transmitted from a trusted us...

PT-2022-23616 · Ibm · Ibm Cognos Analytics

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.1.7 through 11.2.1 Description: The issue is related to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this to expose sensitive information or consume...

IBM Cognos Analytics Information Disclosure Vulnerability (CNVD-2022-54641)

IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation in the United States. IBM Cognos Analytics versions 11.2.1, 11.2.0 and 11.1.7 contain an information disclosure vulnerability that stems from faulty access controls that could be exploited by a low-level attack...

CVE-2021-38945

IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 could allow a remote attacker to upload arbitrary files, caused by improper content validation. IBM X-Force ID: 211238...

IBM Cognos Analytics 代码问题漏洞

IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation in the United States. IBM Cognos Analytics 11.2.1, 11.2.0 and 11.1.7 versions have a file upload vulnerability, which stems from the lack of validation of uploaded files by the application, and can be exploited...

PT-2021-6264 · Adobe · Connect

Name of the Vulnerable Software and Affected Versions: Adobe Connect versions 11.2.1 and earlier Description: The issue is related to improper access control in Adobe Connect, which can lead to the elevation of privileges. An attacker with Learner permissions can exploit this to access the list o...

Apple Safari 资源管理错误漏洞

Apple Safari is a web browser from Apple Inc. and is the default browser that comes with the Mac OS X and iOS operating systems. Safari suffers from a resource management error vulnerability that stems from improper resource management within Safari on macOS. The following products and versions a...