Lucene search
K

166 matches found

Prion
Prion
added 2017/12/20 6:29 p.m.17 views

Information disclosure

IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132549...

2.1CVSS4.8AI score0.00307EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/12/20 6:29 p.m.21 views

CVE-2017-1595

IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132549...

5.5CVSS5AI score0.00307EPSS
Exploits0References2
Prion
Prion
added 2017/12/20 6:29 p.m.18 views

Information disclosure

IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132550...

2.1CVSS4.8AI score0.00307EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/12/20 6:29 p.m.14 views

Cross site scripting

IBM Security Guardium 10.0 Database Activity Monitor is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...

3.5CVSS5.1AI score0.00538EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/12/20 6:29 p.m.1 views

CVE-2017-1595

IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132549...

5.5CVSS5.8AI score0.00307EPSS
Exploits0References2
CVE
CVE
added 2017/12/20 6:0 p.m.56 views

CVE-2017-1595

IBM Security Guardium Database Activity Monitor (Guardium) is affected by CVE-2017-1595, a local information disclosure vulnerability. The IBM Security Guardium Database Activity Monitor product family (V10.0, 10.0.1, 10.1, 10.1.2, 10.1.3) could allow a local attacker to obtain highly sensitive i...

5.5CVSS4.9AI score0.00307EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/12/20 6:0 p.m.23 views

CVE-2017-1595

IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132549...

5AI score0.00307EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/12/20 6:0 p.m.23 views

CVE-2017-1600

IBM Security Guardium 10.0 Database Activity Monitor is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...

5.2AI score0.00538EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/12/20 6:0 p.m.24 views

CVE-2017-1596

IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132550...

5AI score0.00307EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/12/20 6:0 p.m.23 views

CVE-2017-1598

IBM Security Guardium 10.0 Database Activity Monitor uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 132611...

7.2AI score0.00848EPSS
Exploits0References2
Imperva Blog
Imperva Blog
added 2017/10/18 3:30 p.m.74 views

Tuning Capacity Tips for SecureSphere Database Activity Monitoring

You have Imperva SecureSphere Database Activity Monitoring DAM up and running. You’ve deployed the system and configured your business audit policies. So, what’s next? In a previous post I discussed the capacity management challenges of database monitoring solutions, in this post I’ll elaborate o...

6.8AI score
Exploits0
Veracode
Veracode
added 2017/06/23 3:11 a.m.17 views

Information Leak

moodle/moodle has an information leak. The database activity module has a flaw which allows authenticated users to read activity entries from a different group's users. The flaw can be exploited through the advanced search...

4CVSS5.6AI score0.01118EPSS
Exploits0References4Affected Software1
Veracode
Veracode
added 2017/06/06 7:24 a.m.16 views

Information Disclosure Through Reading Restriction Bypass

Moodle is susceptible to information disclosure. The database activity module does not enforce the minimum participate entry count before displaying other users comments. This allows users to view other participant's entries using advanced search before they are allowed to...

6.4CVSS5.6AI score0.01604EPSS
Exploits0References5Affected Software1
Imperva Blog
Imperva Blog
added 2017/05/09 3:30 p.m.33 views

Database Activity Monitoring: A Do’s and Don’ts Checklist for DBAs

In a previous post, we looked at the limitations of native audit, the free tool often used by database administrators DBAs for logging database activity. While it has its appeal—it’s already part of the database server and does not require additional cost for third-party appliances or...

7.3AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/05/04 3:30 p.m.23 views

Native Auditing Tools – Performance, Cost, and Compliance Issues

As we covered in a previous post, data-centric security measures need to be implemented to meet compliance requirements and protect against complex, ever-evolving attacks. There are two primary approaches to implementing these measures: Native auditing, which uses a database server's built-in too...

6.8AI score
Exploits0
OSV
OSV
added 2017/02/01 8:59 p.m.1 views

CVE-2016-6065

IBM Security Guardium Database Activity Monitor appliance could allow a local user to inject commands that would be executed as root...

7.8CVSS5.8AI score0.0038EPSS
Exploits0References2
NVD
NVD
added 2017/02/01 8:59 p.m.19 views

CVE-2016-6065

IBM Security Guardium Database Activity Monitor appliance could allow a local user to inject commands that would be executed as root...

7.8CVSS7.5AI score0.0038EPSS
Exploits0References2
Prion
Prion
added 2017/02/01 8:59 p.m.21 views

Command injection

IBM Security Guardium Database Activity Monitor appliance could allow a local user to inject commands that would be executed as root...

7.2CVSS6.8AI score0.0038EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/02/01 8:0 p.m.27 views

CVE-2016-6065

IBM Security Guardium Database Activity Monitor appliance could allow a local user to inject commands that would be executed as root...

7.5AI score0.0038EPSS
Exploits0References2
CVE
CVE
added 2017/02/01 8:0 p.m.57 views

CVE-2016-6065

CVE-2016-6065 affects IBM Security Guardium Database Activity Monitor appliances. A local user could inject commands that are executed as root due to an injection flaw in the appliance. Affected products/versions identified by IBM include Guardium Database Activity Monitor v8.2, v9, v9.1, v9.5, a...

7.8CVSS7.4AI score0.0038EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder