CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2020/11/16 5:15 p.m.•12 views

Cross site scripting

3.5CVSS5.1AI score0.00554EPSS

CVE•added 2020/11/16 4:40 p.m.•45 views

CVE-2020-4672

IBM Business Automation Workflow version 20.0.0.1 is vulnerable to cross-site scripting in the Web UI, allowing an attacker to embed arbitrary JavaScript and potentially disclose credentials within a trusted session. The IBM Security Bulletin identifies the affected version and recommends applyin...

5.4CVSS5.2AI score0.00554EPSS

OSV•added 2020/11/16 3:15 p.m.•3 views

CVE-2020-25210

In JetBrains YouTrack before 2020.3.7955, an attacker could access workflow rules without appropriate access grants...

5.3CVSS6.1AI score0.0143EPSS

Prion•added 2020/11/16 3:15 p.m.•17 views

Design/Logic Flaw

In JetBrains YouTrack before 2020.3.7955, an attacker could access workflow rules without appropriate access grants...

5CVSS5.3AI score0.0143EPSS

CVE•added 2020/11/16 2:45 p.m.•63 views

CVE-2020-25210

CVE-2020-25210 affects JetBrains YouTrack prior to version 2020.3.7955. The issue allows an attacker to access workflow rules without proper access grants. The available documents consistently describe the vulnerability as an information-disclosure/access control flaw in YouTrack’s workflow rules...

5.3CVSS5.3AI score0.0143EPSS

Cvelist•added 2020/11/16 2:45 p.m.•20 views

CVE-2020-25210

In JetBrains YouTrack before 2020.3.7955, an attacker could access workflow rules without appropriate access grants...

5.3AI score0.0143EPSS

CNVD•added 2020/11/16 12:0 a.m.•2 views

IBM Business Automation Workflow Cross-Site Scripting Vulnerability (CNVD-2020-63941)

IBM Business Automation Workflow is a suite of workflow automation solutions from IBM USA. The product is mainly used for workflow management, compliance management, and features workflow visibility and scalability. A cross-site scripting vulnerability exists in IBM Business Automation Workflow,...

5.4CVSS6.1AI score0.00554EPSS

Exploits0References1

CNNVD•added 2020/11/16 12:0 a.m.•4 views

JetBrains YouTrack 信息泄露漏洞

JetBrains YouTrack is a browser-based bug tracking and project management software from the Czech company JetBrains. The software features bug tracking, creating workflows and monitoring project progress. A security vulnerability exists in JetBrains YouTrack versions prior to 2020.3.7955, which c...

5.3CVSS6AI score0.0143EPSS

Microsoft Secure•added 2020/11/05 5:0 p.m.•24 views

Microsoft recognized as a Leader in the 2020 Gartner Magic Quadrant for Enterprise Information Archiving

Organizations face an increasing volume of data generated daily and ever-evolving regulations around how that data is managed. To help navigate this complex information landscape, we are focused on delivering integrated, intelligent, and user-centric solutions. Over the past few years, we...

0.3AI score

Microsoft Malware Protection•added 2020/11/05 5:0 p.m.•12 views

Microsoft recognized as a Leader in the 2020 Gartner Magic Quadrant for Enterprise Information Archiving

0.3AI score

OSV•added 2020/11/03 12:0 a.m.•16 views

OSV-2020-2126 Heap-buffer-overflow in ndpi_workflow_process_packet

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26880 Crash type: Heap-buffer-overflow READ 1 Crash state: ndpiworkflowprocesspacket fuzzndpireader.c...

7.2AI score

Exploits0References1

Hacker One•added 2020/10/25 4:0 a.m.•80 views

Nextcloud: Potential DDoS when posting long data into workflow validation rules

A missing input validation in Nextcloud Server 20.0.1 allowed users to store unlimited data in workflow rules causing load and potential DDoS on later interactions and usage with those rules...

4CVSS3.9AI score0.01557EPSS

Kitploit•added 2020/10/21 11:30 a.m.•1412 views

Pwndoc - Pentest Report Generator

PwnDoc is a pentest reporting application making it simple and easy to write your findings and generate a customizable Docx report. The main goal is to have more time to Pwn and less time to Doc by mutualizing data like vulnerabilities between users. Documentation Installation Data Vulnerabilitie...

7.5AI score

Exploits0References6

Akamai Blog•added 2020/10/14 10:0 p.m.•75 views

Akamai Drives New Standards and Enhances Authoritative DNS and Load Balancing Services

For more than 20 years, Akamai's customers have trusted our global edge platform to deliver their content, secure their web applications, and accelerate end-user experiences. As the basis for our mapping functions, Akamai DNS has always been essential to the reliability and performance of our...