Lucene search
K

193 matches found

Positive Technologies
Positive Technologies
added 2022/12/14 12:0 a.m.6 views

PT-2022-28057 · Unknown · Fp Masterquiz

Name of the Vulnerable Software and Affected Versions: fp masterquiz extension versions 2.2.0 and earlier, 3.x before 3.5.1 Description: An issue allows an attacker to continue the quiz of a different user, enabling them to view and modify that user's answers. Recommendations: For fp masterquiz...

6.5CVSS7.1AI score0.00364EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2022/12/14 12:0 a.m.7 views

PT-2022-28062 · Typo3 · Fp Newsletter

Name of the Vulnerable Software and Affected Versions: fp newsletter extension versions 1.0 through 1.1.0 fp newsletter extension version 1.2.0 fp newsletter extension versions 2.0 through 2.1.1 fp newsletter extension versions 2.2.1 through 2.4.0 fp newsletter extension versions 3.0 through 3.2....

9.1CVSS7.4AI score0.00674EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/12/14 12:0 a.m.8 views

PT-2022-28058 · Typo3 · Fp Newsletter

Name of the Vulnerable Software and Affected Versions: fp newsletter extension versions 1.0 through 1.1.0 fp newsletter extension version 1.2.0 fp newsletter extension versions 2.0 through 2.1.1 fp newsletter extension versions 2.2.1 through 2.4.0 fp newsletter extension versions 3.0 through 3.2....

9.1CVSS7.3AI score0.00651EPSS
Exploits0References10
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/02 4:36 a.m.48 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2022-22365)

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

5.9CVSS5.6AI score0.00553EPSS
Exploits0Affected Software1
Openbugbounty
Openbugbounty
added 2022/08/25 9:44 p.m.20 views

fp-trading.jp Cross Site Scripting vulnerability OBB-2864528

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/05/06 8:7 p.m.3 views

fp-sumai.jp Cross Site Scripting vulnerability OBB-2610424

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
Prion
Prion
added 2022/03/01 9:15 p.m.11 views

Design/Logic Flaw

Fluture-Node is a FP-style HTTP and streaming utils for Node based on Fluture. Using followRedirects or followRedirectsWith with any of the redirection strategies built into fluture-node 4.0.0 or 4.0.1, paired with a request that includes confidential headers such as Authorization or Cookie,...

5.8CVSS6.2AI score0.00815EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2022/03/01 8:20 p.m.31 views

CVE-2022-24719 Unauthorized forwarding of confidential headers in fluture-node

Fluture-Node is a FP-style HTTP and streaming utils for Node based on Fluture. Using followRedirects or followRedirectsWith with any of the redirection strategies built into fluture-node 4.0.0 or 4.0.1, paired with a request that includes confidential headers such as Authorization or Cookie,...

2.6CVSS6.5AI score0.00815EPSS
Exploits0References4
CVE
CVE
added 2022/03/01 8:20 p.m.104 views

CVE-2022-24719

CVE-2022-24719 affects Fluture-Node. The vulnerability arises when using followRedirects or followRedirectsWith with redirection strategies in fluture-node 4.0.0/4.0.1, where confidential headers (Authorization, Cookie) can be exposed in a redirected request to a third‑party or HTTP origin. The i...

6.1CVSS5AI score0.00815EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2016-0223)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.2AI score0.02776EPSS
Exploits1References15
IBM Security Bulletins
IBM Security Bulletins
added 2021/11/01 2:26 p.m.15 views

Security Bulletin: IBM Sterling Order Management is vulnerable to cross-site scripting

Summary IBM Sterling Order Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Vulnerability Details CVEI...

6.1CVSS1.1AI score0.00632EPSS
Exploits0Affected Software1
OSV
OSV
added 2021/07/14 12:0 a.m.13 views

OSV-2021-991 Dynamic-stack-buffer-overflow in fmt::v8::detail::dragonbox::umul192_upper64

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36110 Crash type: Dynamic-stack-buffer-overflow WRITE 8 Crash state: fmt::v8::detail::dragonbox::umul192upper64 fmt::v8::detail::dragonbox::cacheaccessor::computemul fmt::v8::detail::dragonbox::decimalfp...

7.2AI score
Exploits0References1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2018:2037-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.3AI score0.25348EPSS
Exploits5References10
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2016:2212-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.0771EPSS
Exploits3References14
Lenovo
Lenovo
added 2021/06/08 7:7 p.m.7 views

Speculative Code Store Bypass (SCSB) and Floating-Point Value Injection (FPVI) Advisory - Lenovo Support US

No description provided...

6.5CVSS6.4AI score0.00607EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/20 6:50 a.m.54 views

Security Bulletin: Vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis (CVE-2019-17558)

Summary Apache Solr is vulnerable to Remote Code Execution. This has been addressed. Vulnerability Details CVEID: CVE-2019-17558 DESCRIPTION: Apache Solr could allow a remote attacker to execute arbitrary code on the system. By providing a Velocity template through the VelocityResponseWriter, an...

7.5CVSS2.2AI score0.98567EPSS
Exploits12Affected Software1
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.10 views

SUSE: Security Advisory (SUSE-SU-2018:1943-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS7.5AI score0.00611EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.13 views

SUSE: Security Advisory (SUSE-SU-2018:2087-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS7.5AI score0.00611EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2021/03/29 10:27 a.m.61 views

Security Bulletin: A security vulnerability has been identified in IBM® SDK, Java™ Technology Edition shipped with IBM Tivoli Business Service Manager (CVE-2020-14781)

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

4.3CVSS2.2AI score0.02296EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2020/11/20 12:0 a.m.9 views

HCL Technologies Domino 输入验证错误漏洞

HCL Domino is a server for collaborative client-server software platforms. A denial of service vulnerability exists in HCL Domino versions 9.0.1 FP10 IF6, prior to 10.0.1. The vulnerability stems from improper validation of user-supplied input. An attacker could exploit the vulnerability to cause...

7.5CVSS7.2AI score0.01031EPSS
Exploits0References3
Rows per page
Query Builder