Lucene search
K

29 matches found

Positive Technologies
Positive Technologies
added 2022/10/13 12:0 a.m.7 views

PT-2022-24885 · Ree6 · Ree6

Name of the Vulnerable Software and Affected Versions: Ree6 versions prior to 1.9.9 Description: This issue allows other server owners to create configurations that contain a channel from another server as a target, enabling the sending of log messages to another Guild channel and bypassing raid...

5.5CVSS5.2AI score0.00377EPSS
Exploits0References5
OSV
OSV
added 2020/01/30 9:21 p.m.1 views

GHSA-MH8G-HPRG-8363 Hard-Coded Key Used For Remember-me Token in Opencast

Impact The security configuration in etc/security/mhdefaultorg.xml enables a remember-me cookie based on a hash created from the username, password, and an additional system key. Opencast has hard-coded this system key in the large XML file and never mentions to change this, basically ensuring th...

6.8CVSS5.9AI score0.00939EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2018/11/13 8:36 a.m.9 views

httpd: Weak Digest auth nonce generation in mod_auth_digest

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed...

9.8CVSS7.3AI score0.15885EPSS
Exploits0References5
OSV
OSV
added 2018/03/26 3:29 p.m.7 views

ALPINE-CVE-2018-1312

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed...

9.8CVSS7AI score0.15885EPSS
Exploits0References1
NVD
NVD
added 2017/12/11 5:29 p.m.24 views

CVE-2017-11319

Perspective ICM Investigation & Case 5.1.1.16 allows remote authenticated users to modify access level permissions and consequently gain privileges by leveraging insufficient validation methods and missing cross server side checking mechanisms...

8.8CVSS8.5AI score0.05564EPSS
Exploits4References2
Prion
Prion
added 2017/12/11 5:29 p.m.16 views

Input validation

Perspective ICM Investigation & Case 5.1.1.16 allows remote authenticated users to modify access level permissions and consequently gain privileges by leveraging insufficient validation methods and missing cross server side checking mechanisms...

6.5CVSS8.5AI score0.05564EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2017/12/11 5:0 p.m.25 views

CVE-2017-11319

Perspective ICM Investigation & Case 5.1.1.16 allows remote authenticated users to modify access level permissions and consequently gain privileges by leveraging insufficient validation methods and missing cross server side checking mechanisms...

8.5AI score0.05564EPSS
Exploits4References2
Packet Storm
Packet Storm
added 2017/12/06 12:0 a.m.50 views

Perspective ICM Investigation And Case 5.1.1.16 Privilege Escalation

Exploit Title: Privilege Escalation - Perspective ICM Investigation & Case - 5.1.1.16 Date Reported to vendor: Jun 28, 2017 Date Accepted by vendor: Jun 11, 2017 Exploit Author: [email protected] Vendor Homepage: www.resolver.com Version: Perspective ICM Investigation & Case -...

8.9AI score0.05564EPSS
Exploits4
OSV
OSV
added 2017/08/09 9:29 p.m.6 views

CVE-2017-12756

Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...

7.2CVSS5.8AI score0.01165EPSS
Exploits0References1
Rows per page
Query Builder