3858 matches found

NVD
added 2021/10/07 6:15 p.m., 17 views

CVE-2021-20552

IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199170...

CVSS: 4.3, EPSS: 0.00951
Exploits: 0, References: 2

Prion
added 2021/10/07 6:15 p.m., 16 views

Information disclosure

IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199170...

CVSS: 4, AI score: 4.1, EPSS: 0.00951
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2021/10/07 6:5 p.m., 21 views

CVE-2021-20552

IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199170...

CVSS: 4.3, AI score: 4.4, EPSS: 0.00951
Exploits: 0, References: 2

NVD
added 2021/09/23 5:15 p.m., 13 views

CVE-2021-20485

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 197667...

CVSS: 4.3, EPSS: 0.00951
Exploits: 0, References: 2

Prion
added 2021/09/23 5:15 p.m., 16 views

Information disclosure

IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 195569...

CVSS: 4, AI score: 3.3, EPSS: 0.00935
Exploits: 0, References: 2, Affected Software: 1

Prion
added 2021/09/23 5:15 p.m., 16 views

Information disclosure

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 197667...

CVSS: 4, AI score: 4.1, EPSS: 0.00951
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2021/09/23 5:10 p.m., 24 views

CVE-2021-20485

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 197667...

CVSS: 4.3, AI score: 4.4, EPSS: 0.00951
Exploits: 0, References: 2

Cvelist
added 2021/09/23 4:5 p.m., 16 views

CVE-2021-20377

IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 195569...

CVSS: 2.7, AI score: 3.4, EPSS: 0.00935
Exploits: 0, References: 2

Citrix
added 2021/09/23 12:0 a.m., 13 views

PVS 1912:Unable to merge vdisk "vDisk versions are not up to date on all Servers that access this vDisk. Update all "

Unable to merge the old versions of vdisk. Error message when we attempt merge: "vDisk versions are not up to date on all Servers that access this vDisk. Update all Servers with the lastest versions of the vDisk files"...

AI score: 7.1
Exploits: 0

wpexploit
added 2021/09/20 12:0 a.m., 498 views

Tutor LMS < 1.9.9 - Multiple Admin+ Stored Cross-Site Scripting

The plugin does not escape some of its settings before outputting them in attributes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. Put the following payload in the Plugin's Settings General "Error message for...

CVSS: 4.8, AI score: 4.8, EPSS: 0.00622
Exploits: 2

NVD
added 2021/09/14 2:15 p.m., 17 views

CVE-2021-20508

IBM Security Secret Server up to 11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199322...

CVSS: 4.3, EPSS: 0.00943
Exploits: 0, References: 2

Prion
added 2021/09/14 2:15 p.m., 18 views

Information disclosure

IBM Security Secret Server up to 11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199322...

CVSS: 4, AI score: 4.1, EPSS: 0.00943
Exploits: 0, References: 2, Affected Software: 1

RedHat Linux
added 2021/09/14 12:37 p.m., 3 views

keycloak: Brute force attack is possible even after the account lockout

A flaw was found in keycloak where a brute force attack is possible even when the permanent lockout feature is enabled. This is due to a wrong error message displayed when wrong credentials are entered. The highest threat from this vulnerability is to confidentiality...

CVSS: 7.5, AI score: 5.7, EPSS: 0.00661
Exploits: 0, References: 4

RedHat Linux
added 2021/09/14 12:35 p.m., 5 views

keycloak: Brute force attack is possible even after the account lockout

A flaw was found in keycloak where a brute force attack is possible even when the permanent lockout feature is enabled. This is due to a wrong error message displayed when wrong credentials are entered. The highest threat from this vulnerability is to confidentiality...

CVSS: 7.5, AI score: 5.7, EPSS: 0.00661
Exploits: 0, References: 4

RedHat Linux
added 2021/09/14 12:34 p.m., 9 views

keycloak: Brute force attack is possible even after the account lockout

A flaw was found in keycloak where a brute force attack is possible even when the permanent lockout feature is enabled. This is due to a wrong error message displayed when wrong credentials are entered. The highest threat from this vulnerability is to confidentiality...

CVSS: 7.5, AI score: 5.7, EPSS: 0.00661
Exploits: 0, References: 4

OSV
added 2021/09/14 10:21 a.m., 7 views

OPENSUSE-SU-2021:1255-1 Security update for nextcloud

This update for nextcloud fixes the following issues: Update to 20.0.12 Fix boo1190291 - CVE-2021-32766 CWE-209: Generation of Error Message Containing Sensitive Information - CVE-2021-32800 CWE-306: Missing Authentication for Critical Function - CVE-2021-32801 CWE-532: Insertion of Sensitive...

CVSS: 10, AI score: 9.7, EPSS: 0.02604
Exploits: 0, References: 6

OPENSUSE Linux
added 2021/09/14 12:0 a.m., 53 views

Security update for nextcloud (important)

openSUSE Security Update: Security update for nextcloud Announcement ID: openSUSE-SU-2021:1252-1 Rating: important References: 1190291 Cross-References: CVE-2021-32766 CVE-2021-32800 CVE-2021-32801 CVE-2021-32802 CVSS scores: CVE-2021-32800 NVD : 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N...

CVSS: 10, AI score: 7.7, EPSS: 0.02604
Exploits: 0, References: 1

CNVD
added 2021/09/10 12:0 a.m., 21 views

JEESNS Reflective Cross-Site Scripting Vulnerability (CNVD-2021-74052)

JEESNS is a social management system developed on the JAVA enterprise platform. The vulnerability can be exploited to execute arbitrary Web scripts or HTML via the system error message text field...

CVSS: 6.1, AI score: 1.7, EPSS: 0.03162
Exploits: 1, References: 1

OSV
added 2021/09/09 11:15 p.m., 21 views

CVE-2020-19282

A reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field...

CVSS: 6.1, AI score: 5.7
Exploits: 0, References: 2

CVE
added 2021/09/09 10:10 p.m., 79 views

CVE-2020-19282

Jeesns 1.4.2 is affected by a reflected cross-site scripting (XSS) vulnerability in the system error message text field. The issue allows an attacker to inject and execute arbitrary web scripts or HTML in a victim’s browser, potentially enabling session hijacking or data exposure. Root cause is a...

CVSS: 6.1, AI score: 5.8, EPSS: 0.03162
Exploits: 1, References: 2, Affected Software: 1