Lucene search
K

123 matches found

NVD
NVD
added 2024/02/08 11:15 p.m.24 views

CVE-2023-40262

An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows unauthenticated Stored Cross-Site Scripting XSS in the administration component via Access Request...

6.1CVSS5.9AI score0.00327EPSS
Exploits0References1
OSV
OSV
added 2024/02/08 11:15 p.m.6 views

CVE-2023-40262

An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows unauthenticated Stored Cross-Site Scripting XSS in the administration component via Access Request...

6.1CVSS5.8AI score0.00327EPSS
Exploits0References1
Prion
Prion
added 2024/02/08 11:15 p.m.20 views

Cross site scripting

An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows unauthenticated Stored Cross-Site Scripting XSS in the administration component via Access Request...

5.8CVSS6.1AI score0.00327EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/02/08 12:0 a.m.28 views

CVE-2023-40262

An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows unauthenticated Stored Cross-Site Scripting XSS in the administration component via Access Request...

6.1AI score0.00327EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/08 12:0 a.m.11 views

CVE-2023-40262

An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows unauthenticated Stored Cross-Site Scripting XSS in the administration component via Access Request...

5.8AI score0.00327EPSS
Exploits0References1
CVE
CVE
added 2024/02/08 12:0 a.m.55 views

CVE-2023-40262

Atos Unify OpenScape Voice Trace Manager V8 before R0.9.11 is affected by an unauthenticated Stored Cross‑Site Scripting (XSS) vulnerability in the administration component via Access Request. Affected product: OpenScape Voice Trace Manager V8 (pre‑R0.9.11). Root cause: stored XSS in the admin in...

6.1CVSS5.8AI score0.00327EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/08 9:50 p.m.11 views

CVE-2023-47114 Ethyca Fides HTML Injection Vulnerability in HTML-Formatted DSR Packages

Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in your runtime environment, and the enforcement of privacy regulations in your code. The Fides web application allows data subject users to request access to their personal data. If the...

4.3CVSS6.7AI score0.00609EPSS
Exploits0References3
CVE
CVE
added 2023/11/08 9:50 p.m.82 views

CVE-2023-47114

CVE-2023-47114 affects Fides HTML-formatted Data Subject Request packages. Root cause: lack of input validation for data from connected systems/data stores, enabling HTML injection when a data subject opens the downloaded package (typically HTML files in ZIP) in a browser via file://. Existence o...

6.1CVSS5.4AI score0.00609EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/11/08 9:50 p.m.25 views

CVE-2023-47114 Ethyca Fides HTML Injection Vulnerability in HTML-Formatted DSR Packages

Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in your runtime environment, and the enforcement of privacy regulations in your code. The Fides web application allows data subject users to request access to their personal data. If the...

4.3CVSS6.1AI score0.00609EPSS
Exploits0References5
OSV
OSV
added 2023/11/08 5:52 p.m.85 views

GHSA-3VPF-MCJ7-5H38 Ethyca Fides HTML Injection Vulnerability in HTML-Formatted DSR Packages

Impact The Fides web application allows data subject users to request access to their personal data. If the request is approved by the data controller user operating the Fides web application, the data subject's personal data can then retrieved from connected systems and data stores before being...

4.3CVSS5.5AI score0.00609EPSS
Exploits0References5
Citrix
Citrix
added 2023/09/13 12:0 a.m.6 views

Radius authentication failure

According to network trace captured on NetScaler, there is no response from radius server after NetScaler sending Access-Request packet toradius server. This issue occurred suddenly, and the related configuration of radius authentication on NetScaler has not changed...

7.3AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 6:20 a.m.2 views

SUSE CVE-2004-0961

Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service memory exhaustion via a series of Access-Request packets with 1 Ascend-Send-Secret, 2 Ascend-Recv-Secret, or 3 Tunnel-Password attributes...

5CVSS6.8AI score0.03263EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/01/16 12:0 a.m.5 views

PT-2023-14304

Name of the Vulnerable Software and Affected Versions Apache Superset versions 1.5.2 and prior Apache Superset version 2.0.0 Description The issue concerns two legacy REST API endpoints for approval and request access that are vulnerable to cross-site request forgery. Recommendations For Apache...

8.8CVSS7.1AI score0.00567EPSS
Exploits0References11
NVD
NVD
added 2022/12/22 8:15 p.m.26 views

CVE-2022-35646

IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096...

5.9CVSS0.00366EPSS
Exploits0References2
OSV
OSV
added 2022/12/22 8:15 p.m.0 views

CVE-2022-35646

IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096...

5.3CVSS5.8AI score0.00366EPSS
Exploits0References2
Prion
Prion
added 2022/12/22 8:15 p.m.22 views

Information disclosure

IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096...

2.1CVSS4.9AI score0.00366EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/12/22 7:8 p.m.29 views

CVE-2022-35646 IBM Security Verify Governance, Identity Manager security bypass

IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096...

5.9CVSS5.4AI score0.00366EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/12/22 7:8 p.m.6 views

CVE-2022-35646 IBM Security Verify Governance, Identity Manager security bypass

IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096...

5.9CVSS6.3AI score0.00366EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/08/31 12:0 a.m.7 views

The vulnerability of the Access Request sub-component of the Oracle iReceivables component in the Oracle E-Business Suite automation system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Access Request subcomponent of the Oracle iReceivables component in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected informati...

6.8CVSS6.9AI score0.00668EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2022/07/19 10:15 p.m.13 views

CVE-2022-21568

Vulnerability in the Oracle iReceivables product of Oracle E-Business Suite component: Access Request. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iReceivables. Successfu...

6.5CVSS0.00668EPSS
Exploits0References1
Rows per page
Query Builder