CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

556 matches found

CVE•added 2017/10/05 5:0 p.m.•40 views

CVE-2017-1201

IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) is affected by a vulnerability where the program stores user credentials in clear text, allowing a local attacker to read them. Root cause: credentials stored in clear text within the affected component. Impact: local confidentiality exp...

7.8CVSS7AI score0.00036EPSS

Exploits0References2Affected Software1

Cvelist•added 2017/10/05 5:0 p.m.•14 views

CVE-2017-1201

IBM BigFix Compliance Analytics 1.9.79 TEMA SUAv1 SCA SCM stores user credentials in clear text which can be read by a local user. IBM X-Force ID: 123676...

7.1AI score0.00036EPSS

Exploits0References2

Hacker One•added 2017/09/07 2:56 p.m.•23 views

Grab: Access Grab_Road BigData Database via Open Presto coordinator

A publicly accessible analytics database instance was identified, due to a firewall misconfiguration. The instance contained booking related information but did not contained any passenger or driver personal information. This vulnerability was discovered using Shodan search engine by Vinoth Kumar...

6.6AI score

Exploits0

Apple•added 2017/08/30 12:0 a.m.•19 views

About the security content of Apple Support 1.2 for iOS

About the security content of Apple Support 1.2 for iOS This document describes the security content of Apple Support 1.2 for iOS. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patche...

5.3CVSS5.4AI score0.00123EPSS

Exploits1References1Affected Software1

Prion•added 2017/08/29 9:29 p.m.•15 views

Cross site scripting

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128623...

3.5CVSS5.1AI score0.00198EPSS

Exploits0References2Affected Software1

CVE•added 2017/08/29 9:0 p.m.•47 views

CVE-2017-1427

CVE-2017-1427 affects IBM Cognos Analytics 11.0 (versions 11.0.0.0–11.0.6.0) and is a cross-site scripting vulnerability in the Web UI that could allow embedding arbitrary JavaScript and potentially lead to credential disclosure within a trusted session. Root cause details are described in the vu...

6.1CVSS6AI score0.00285EPSS

Exploits0References4Affected Software1

NVD•added 2017/08/08 3:29 p.m.•10 views

CVE-2017-10097

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications subcomponent: Reporting. Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

6.1CVSS5.4AI score0.00463EPSS

Exploits0References3

Prion•added 2017/08/08 3:29 p.m.•14 views

Buffer overflow

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications subcomponent: Reporting. Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromis...

5.5CVSS4.1AI score0.00198EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2017/08/08 3:0 p.m.•8 views

CVE-2017-10097

6.2AI score0.00463EPSS

Exploits0References3

Vulnrichment•added 2017/08/08 3:0 p.m.•8 views

CVE-2017-10000

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications subcomponent: Reporting. Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromis...

6.6AI score0.00367EPSS

Exploits3References2

Vulnrichment•added 2017/08/08 3:0 p.m.•11 views

CVE-2017-10044

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications subcomponent: Reporting. Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromis...

5.5AI score0.00198EPSS

Exploits0References3

CVE•added 2017/08/08 3:0 p.m.•78 views

CVE-2017-10000

CVE-2017-10000 affects Oracle Hospitality Reporting and Analytics (subcomponent: Reporting) in Oracle Hospitality Applications. Affected versions are 8.5.1 and 9.0.0. The vulnerability is exploitable by a low-privileged attacker with network access via HTTP and can result in a denial of service b...

7.7CVSS7AI score0.00367EPSS

Exploits3References2Affected Software1

CVE•added 2017/08/08 3:0 p.m.•54 views

CVE-2017-10044

The CVE-2017-10044 entry concerns Oracle Hospitality Reporting and Analytics (Reporting subcomponent) within Oracle Hospitality Applications. Affected versions are 8.5.1 and 9.0.0. The vulnerability is exploitable over the network via HTTP by a low-privilege attacker and can lead to unauthorized ...

5.5CVSS4.7AI score0.00198EPSS

Exploits0References3Affected Software1

CVE•added 2017/08/08 3:0 p.m.•57 views

CVE-2017-10097

CVE-2017-10097 relates to Oracle Hospitality Reporting and Analytics (Reporting subcomponent) within Oracle Hospitality Applications. Affected versions are 8.5.1 and 9.0.0. The vulnerability allows an unauthenticated attacker with network access over HTTP to compromise the component, with exploit...

6.1CVSS5.6AI score0.00463EPSS

Exploits0References3Affected Software1

CVE•added 2017/08/08 3:0 p.m.•51 views

CVE-2017-10142

CVE-2017-10142 affects Oracle Hospitality Reporting and Analytics (Mobile Apps subcomponent) in Oracle Hospitality Applications, specifically versions 8.5.1 and 9.0.0. The vulnerability allows a low-privileged, unauthenticated attacker with network access over HTTP to read and modify data (update...

5.5CVSS4.7AI score0.00173EPSS

Exploits0References3Affected Software1

Cvelist•added 2017/08/08 3:0 p.m.•15 views

CVE-2017-10097

5.4AI score0.00463EPSS

Exploits0References3

Prion•added 2017/06/09 3:29 p.m.•19 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an...

3.5CVSS5.5AI score0.00269EPSS

Exploits0References4Affected Software16

NVD•added 2017/06/08 9:29 p.m.•14 views

CVE-2017-1179

IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123431...

5.9CVSS5.5AI score0.00137EPSS

Exploits0References3

CVE•added 2017/05/09 8:0 p.m.•57 views

CVE-2017-5527

The provided data confirms a SQL injection issue affecting TIBCO Spotfire products. Affected: Spotfire Server versions 7.0.x before 7.0.2; 7.5.x before 7.5.1; 7.6.x before 7.6.1; 7.7.x before 7.7.1; 7.8.x before 7.8.1; Spotfire Analytics Platform for AWS Marketplace 7.8.0 and earlier. Description...

6.5CVSS6.3AI score0.00217EPSS

Exploits0References2Affected Software2

rapid7community•added 2017/05/09 4:38 p.m.•52 views

SIEM Security Tools: Four Expensive Misconceptions

Why modern SIEM security solutions can save you from data and cost headaches. If you want to reliably detect attacks across your organization, you need to see all of the activity thats happening on your network. More importantly, that activity needs to be filtered and prioritized by risk -- acros...

6.6AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by