CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Veritas Desktop and Laptop Option DLO before 9.5 disclosed operational information on the backup processing status through a URL that did not require authentication...

5.3CVSS6.7AI score0.00221EPSS

Exploits0

NVD•added 2022/09/23 5:15 a.m.•11 views

CVE-2022-41319

A Reflected Cross-Site Scripting XSS vulnerability affects the Veritas Desktop Laptop Option DLO application login page aka the DLOServer/restore/login.jsp URI. This affects versions before 9.8 e.g., 9.1 through 9.7...

6.1CVSS0.00542EPSS

Exploits0References1

Prion•added 2022/09/23 5:15 a.m.•20 views

Cross site scripting

5.8CVSS6.3AI score0.00542EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2022/09/23 12:0 a.m.•2 views

PT-2022-25813 · Veritas · Veritas Desktop/Laptop Option

Name of the Vulnerable Software and Affected Versions: Veritas Desktop Laptop Option DLO versions 9.1 through 9.7 Description: A Reflected Cross-Site Scripting XSS issue affects the login page of the Veritas Desktop Laptop Option DLO application, specifically the DLOServer/restore/login.jsp URI...

6.1CVSS6.2AI score0.00542EPSS

Exploits0References4

Vulnrichment•added 2022/09/23 12:0 a.m.•6 views

CVE-2022-41319

5.9AI score0.00542EPSS

Exploits0References1

CVE•added 2022/09/23 12:0 a.m.•43 views

CVE-2022-41319

The CVE-2022-41319 entry concerns Veritas Desktop Laptop Option (DLO). A Reflected Cross-Site Scripting (XSS) flaw affects the DLO login page (DLOServer/restore/login.jsp) in versions before 9.8, specifically 9.1–9.7. The underlying issue is a lack of proper filtering/escaping of user-supplied da...

6.1CVSS6.2AI score0.00542EPSS

Exploits0References1Affected Software1

OSV•added 2022/05/14 3:59 a.m.•19 views

GHSA-Q45H-CHC8-HVP6 OpenStack Object Storage (Swift) Sensitive Data Exposure

OpenStack Object Storage Swift before 2.4.0 allows attackers to obtain sensitive information via a PUT tempurl and a DLO object manifest that references an object in another container...

5CVSS7AI score0.01459EPSS

Exploits0References11

Github Security Blog•added 2022/05/14 3:59 a.m.•19 views

OpenStack Object Storage (Swift) Sensitive Data Exposure

OpenStack Object Storage Swift before 2.4.0 allows attackers to obtain sensitive information via a PUT tempurl and a DLO object manifest that references an object in another container...

5CVSS6.3AI score0.01459EPSS

Exploits0References11Affected Software1

NVD•added 2021/01/06 1:15 a.m.•11 views

CVE-2020-36165

An issue was discovered in Veritas Desktop and Laptop Option DLO before 9.4. On start-up, it loads the OpenSSL library from /ReleaseX64/ssl. This library attempts to load the /ReleaseX64/ssl/openssl.cnf configuration file, which does not exist. By default, on Windows systems, users can create...

9.3CVSS9.3AI score0.00049EPSS

Exploits0References1

ATTACKERKB•added 2021/01/06 1:15 a.m.•2 views

CVE-2020-36165

9.3CVSS6.3AI score0.00049EPSS

Exploits0References2

CVE•added 2021/01/06 12:51 a.m.•72 views

CVE-2020-36165

CVE-2020-36165 affects Veritas Desktop and Laptop Option (DLO) before 9.4. At startup, DLO loads the OpenSSL library from /ReleaseX64/ssl, which attempts to load /ReleaseX64/ssl/openssl.cnf that does not exist. A low-privilege user can create C:/ReleaseX64/ssl/openssl.cnf to load a malicious Open...

9.3CVSS8.6AI score0.00049EPSS

Exploits0References1Affected Software1

Prion•added 2021/01/05 7:15 p.m.•15 views

Authentication flaw

Veritas Desktop and Laptop Option DLO before 9.5 disclosed operational information on the backup processing status through a URL that did not require authentication...

5CVSS5.2AI score0.00221EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/01/05 6:49 p.m.•15 views

CVE-2020-36159

Veritas Desktop and Laptop Option DLO before 9.5 disclosed operational information on the backup processing status through a URL that did not require authentication...

5.3CVSS5.3AI score0.00221EPSS

Exploits0References1

CVE•added 2021/01/05 6:49 p.m.•51 views

CVE-2020-36159

Veritas DLO (Desktop and Laptop Option) affected versions prior to 9.5 expose backup processing status via an unauthenticated URL, enabling information disclosure with partial confidentiality impact (per CVSS notes). The available sources (NVD/Red Hat advisory and CVE records) indicate no explici...

5.3CVSS5.2AI score0.00221EPSS

Exploits0References1Affected Software1

Veracode•added 2019/01/15 9:7 a.m.•21 views

Information Disclosure

openstack-swift is vulnerable to information disclosure attacks. The vulnerability exists as OpenStack Object Storage Swift before 2.4.0 allows attackers to obtain sensitive information via a PUT tempurl and a DLO object manifest that references an object in another container...

5CVSS6.7AI score0.01459EPSS

Exploits0References11Affected Software1

NVD•added 2015/10/26 5:59 p.m.•15 views

CVE-2015-5223

OpenStack Object Storage Swift before 2.4.0 allows attackers to obtain sensitive information via a PUT tempurl and a DLO object manifest that references an object in another container...

5CVSS7.1AI score0.01459EPSS

Exploits0References9

OSV•added 2015/10/26 5:59 p.m.•1 views

DEBIAN-CVE-2015-5223

OpenStack Object Storage Swift before 2.4.0 allows attackers to obtain sensitive information via a PUT tempurl and a DLO object manifest that references an object in another container...

5CVSS7AI score0.01459EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by