CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

82 matches found

CNVD•added 2018/05/31 12:0 a.m.•2 views

IBM Security Guardium Big Data Intelligence Information Disclosure Vulnerability (CNVD-2018-16540)

IBM Security Guardium is the comprehensive data security platform. An information disclosure vulnerability exists in IBM Security Guardium Big Data Intelligence SonarG version 3.1. It allows an attacker to gain access to data related to the environment, users, and more...

7.8CVSS6.3AI score0.00053EPSS

Exploits0References1

CNVD•added 2018/05/30 12:0 a.m.•2 views

IBM Security Guardium Big Data Intelligence Cross-Site Scripting Vulnerability

IBM Security Guardium Big Data Intelligence is a solution that delivers the capabilities of a big data platform while meeting data security requirements. A cross-site scripting vulnerability exists in IBM Security Guardium Big Data Intelligence SonarG. The vulnerability can be exploited by a user...

6.1CVSS6.2AI score0.00131EPSS

Exploits0References1

Prion•added 2018/05/29 1:29 p.m.•18 views

Cross site scripting

IBM Security Guardium Big Data Intelligence SonarG 3.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-For...

4.3CVSS5.6AI score0.00131EPSS

Exploits0References2Affected Software1

OSV•added 2018/05/29 1:29 p.m.•1 views

CVE-2018-1376

6.1CVSS5.4AI score

Exploits0References2

NVD•added 2018/05/29 1:29 p.m.•23 views

CVE-2018-1369

IBM Security Guardium Big Data Intelligence SonarG 3.1 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 137767...

4.3CVSS3.7AI score0.00163EPSS

Exploits0References2

OSV•added 2018/05/29 1:29 p.m.•1 views

CVE-2018-1370

IBM Security Guardium Big Data Intelligence SonarG 3.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 137769...

5.4CVSS5.8AI score

Exploits0References2

Prion•added 2018/05/29 1:29 p.m.•10 views

Design/Logic Flaw

IBM Security Guardium Big Data Intelligence SonarG 3.1 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 136471...

4CVSS4.2AI score0.00231EPSS

Exploits0References3Affected Software1

Cvelist•added 2018/05/29 1:0 p.m.•15 views

CVE-2018-1370

4.2CVSS5.2AI score0.00067EPSS

Exploits0References2

CVE•added 2018/05/29 1:0 p.m.•37 views

CVE-2018-1370

CVE-2018-1370 affects IBM Security Guardium Big Data Intelligence (SonarG) 3.1. The flaw is an incorrect permission assignment for a security-critical resource, allowing read/modify by unintended actors. The IBM bulletin lists a CVSS v3 base score of 4.2 and notes remediation is to upgrade to an ...

6.5CVSS5.1AI score0.00067EPSS

Exploits0References2Affected Software1

CVE•added 2018/05/29 1:0 p.m.•37 views

CVE-2018-1369

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 contains a vulnerability where sensitive information is stored in URL parameters, enabling potential information disclosure via server logs, referrer headers, or browser history. The issue affects SonarG 3.1 and is documented as CVE-2018-13...

4.3CVSS3.8AI score0.00163EPSS

Exploits0References2Affected Software1

Cvelist•added 2018/05/29 1:0 p.m.•13 views

CVE-2018-1376

6.1CVSS5.8AI score0.00131EPSS

Exploits0References2

CNVD•added 2018/03/05 12:0 a.m.•1 views

IBM Security Guardium Big Data Intelligence Information Disclosure Vulnerability (CNVD-2018-06604)

IBM Security Guardium Big Data Intelligence SonarG is a suite of big data security intelligence solutions from IBM, USA. The solution features interactive data exploration, automated connectivity analysis, and user activity analysis. A security vulnerability exists in IBM Security Guardium Big Da...

9.8CVSS6.8AI score0.01994EPSS

Exploits0References1

OSV•added 2018/03/02 5:29 p.m.•1 views

CVE-2018-1373

IBM Security Guardium Big Data Intelligence SonarG 3.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 137773...

9.8CVSS5.8AI score

Exploits0References4

Cvelist•added 2018/03/02 5:0 p.m.•14 views

CVE-2018-1373

IBM Security Guardium Big Data Intelligence SonarG 3.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 137773...

7.5CVSS8.8AI score0.01994EPSS

Exploits0References4

CNVD•added 2018/02/28 12:0 a.m.•1 views

IBM Security Guardium Big Data Intelligence Information Disclosure Vulnerability

IBM Security Guardium Big Data Intelligence is a solution that delivers the capabilities of a big data platform while meeting data security requirements. An information disclosure vulnerability exists in IBM Security Guardium Big Data Intelligence SonarG 3.1. The vulnerability arises because the...

5.9CVSS6.1AI score0.00137EPSS

Exploits0References1

CVE•added 2018/02/27 5:0 p.m.•35 views

CVE-2018-1425

CVE-2018-1425 affects IBM Security Guardium Big Data Intelligence (SonarG) 3.1, which uses weaker-than-expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. The IBM Security Guardium Big Data Intelligence (SonarG) product is listed as affected wit...

5.9CVSS5.5AI score0.00137EPSS

Exploits0References3Affected Software1

CNVD•added 2018/02/27 12:0 a.m.•0 views

IBM Security Guardium Big Data Intelligence (SonarG) Information Disclosure Vulnerability

IBM Security Guardium Big Data Intelligence SonarG is a suite of big data security intelligence solutions from IBM, USA. The solution features interactive data exploration, automated connectivity analysis, and user activity analysis. An information disclosure vulnerability exists in IBM Security...

5.3CVSS6AI score0.00222EPSS

Exploits0References1

OpenVAS•added 2018/02/27 12:0 a.m.•12 views

IBM Security Guardium Big Data Intelligence Detection (HTTP)

HTTP based detection of IBM Security Guardium Big Data Intelligence. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1AI score

Exploits0References1

Prion•added 2018/02/26 2:29 p.m.•14 views

Information disclosure

IBM Security Guardium Big Data Intelligence SonarG 3.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 136818...

5CVSS4.8AI score0.00222EPSS

Exploits0References3Affected Software1

NVD•added 2018/02/26 2:29 p.m.•19 views

CVE-2017-1774

5.3CVSS4.9AI score0.00222EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by