Lucene search
K

467 matches found

Cvelist
Cvelist
added 2021/10/01 8:20 p.m.21 views

CVE-2021-36309

Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure vulnerability. An authenticated malicious user with access to the system may use the TACACS\Radius credentials stored to read sensitive information and use it in further attacks...

7.1CVSS6.7AI score0.00624EPSS
Exploits0References1
OSV
OSV
added 2021/09/23 5:15 p.m.4 views

CVE-2021-20377

IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 195569...

2.7CVSS6.1AI score0.00935EPSS
Exploits0References2
NVD
NVD
added 2021/09/23 5:15 p.m.23 views

CVE-2021-20563

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote authenciated user to obtain sensitive information. By sending a specially crafted request, the user could disclose a valid filepath on the server which could be used in further attacks against the system. IBM X-Force ID: 19923...

4.3CVSS0.00704EPSS
Exploits0References2
Prion
Prion
added 2021/09/23 5:15 p.m.16 views

Information disclosure

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 197667...

4CVSS4.1AI score0.00951EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/09/23 5:15 p.m.19 views

Information disclosure

IBM Security Verify Bridge 1.0.5.0 does not properly validate a certificate which could allow a local attacker to obtain sensitive information that could aid in further attacks against the system. IBM X-Force ID: 196355...

2.1CVSS4.8AI score0.00127EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/09/23 5:10 p.m.18 views

CVE-2021-20435

IBM Security Verify Bridge 1.0.5.0 does not properly validate a certificate which could allow a local attacker to obtain sensitive information that could aid in further attacks against the system. IBM X-Force ID: 196355...

2.5CVSS5.1AI score0.00127EPSS
Exploits0References2
NVD
NVD
added 2021/09/14 2:15 p.m.17 views

CVE-2021-20508

IBM Security Secret Server up to 11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199322...

4.3CVSS0.00974EPSS
Exploits0References2
Prion
Prion
added 2021/09/14 2:15 p.m.18 views

Information disclosure

IBM Security Secret Server up to 11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199322...

4CVSS4.1AI score0.00974EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/09/14 1:25 p.m.23 views

CVE-2021-20508

IBM Security Secret Server up to 11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199322...

2.7CVSS4.3AI score0.00974EPSS
Exploits0References2
CNVD
CNVD
added 2021/08/03 12:0 a.m.23 views

IBM Cloud Pak for Security Information Disclosure Vulnerability (CNVD-2021-64546)

IBM Cloud Pak for Security is an application from IBM USA, Inc. an open security platform that connects to your existing data sources to generate deeper insights and enables you to take automated actions faster.IBM Cloud Pak for Security has a security vulnerability that could allow an attacker t...

5.3CVSS1.2AI score0.00912EPSS
Exploits0References1
OSV
OSV
added 2021/07/26 12:15 p.m.4 views

CVE-2021-29766

IBM i2 Analyst's Notebook Premium IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202680...

5.3CVSS5.6AI score0.01275EPSS
Exploits0References2
Prion
Prion
added 2021/07/26 12:15 p.m.15 views

Information disclosure

IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 203168...

4CVSS4.2AI score0.00982EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/07/26 12:15 p.m.12 views

Information disclosure

IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202681...

5CVSS4.8AI score0.01275EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/07/26 12:10 p.m.25 views

CVE-2021-29767

IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202681...

5.3CVSS5AI score0.01275EPSS
Exploits0References2
Prion
Prion
added 2021/07/15 6:15 p.m.19 views

Open redirect

IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a...

4.9CVSS3.5AI score0.00545EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/07/13 4:15 p.m.18 views

Information disclosure

IBM Cloud Pak for Applications 4.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. X-Force ID: 196309...

4CVSS4.2AI score0.00982EPSS
Exploits0References2Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2021/07/02 12:0 a.m.6 views

VulnCheck KEV: CVE-2021-30116

Kaseya Virtual System/Server Administrator VSA contains an information disclosure vulnerability allowing an attacker to obtain the sessionId that can be used to execute further attacks against the system...

10CVSS7.4AI score0.85619EPSS
Exploits1References1
Prion
Prion
added 2021/06/28 4:15 p.m.19 views

Information disclosure

IBM Guardium Data Encryption GDE 4.0.0.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196212...

5CVSS4.1AI score0.00751EPSS
Exploits0References2Affected Software1
Check Point Advisories
Check Point Advisories
added 2021/06/24 12:0 a.m.5 views

PHP Webshell Upload Over HTTP

An attacker might upload a webshell backdoor to a PHP server. A successful exploitation might allow the attacker to run arbitrary code, or use the server as a bot for further attacks...

1.8AI score
Exploits0
OSV
OSV
added 2021/06/03 3:15 p.m.4 views

CVE-2021-20380

IBM QRadar Advisor With Watson App 1.1 through 2.5 as used on IBM QRadar SIEM 7.4 could allow a remote user to obtain sensitive information from HTTP requests that could aid in further attacks against the system. IBM X-Force ID: 195712...

7.5CVSS5.8AI score0.01443EPSS
Exploits0References2
Rows per page
Query Builder