Lucene search

39 matches found

Cvelist
added 2018/11/02 3:0 p.m., 16 views

CVE-2018-1878

IBM Robotic Process Automation with Automation Anywhere 11 could disclose sensitive information in a web request that could aid in future attacks against the system. IBM X-Force ID: 151714...

CVSS 5.3, AI score 4.9, EPSS 0.01301
Exploits: 0, References: 2
CVE
added 2018/11/02 3:0 p.m., 47 views

CVE-2018-1878

CVE-2018-1878 affects IBM Robotic Process Automation with Automation Anywhere (11.0). The root cause is an information disclosure in web requests that could reveal sensitive data to an attacker, enabling future attacks. Affected version: 11.0.0.1. Remediation: upgrade to IBM Robotic Process Autom...

CVSS 5.3, AI score 4.9, EPSS 0.01301
Exploits: 0, References: 2, Affected Software: 1
IBM Security Bulletins
added 2018/10/30 6:30 p.m., 17 views

Security Bulletin: IBM Robotic Process Automation could disclose sensitive information in a web request (CVE-2018-1878)

Summary IBM Robotic Process Automation could disclose sensitive information in a web request that could aid in future attacks against the system Vulnerability Details CVEID: CVE-2018-1878 DESCRIPTION: IBM Robotic Process Automation could disclose sensitive information in a web request that could...

CVSS 5.3, AI score 1.6, EPSS 0.01301
Exploits: 0, Affected Software: 1
Prion
added 2018/07/06 2:29 p.m., 21 views

Information disclosure

IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 129719...

CVSS 4, AI score 4, EPSS 0.00976
Exploits: 0, References: 2, Affected Software: 7
NVD
added 2018/07/06 2:29 p.m., 28 views

CVE-2017-1509

IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 129719...

CVSS 4.3, AI score 4.1, EPSS 0.00976
Exploits: 0, References: 2
Cvelist
added 2018/07/06 2:0 p.m., 24 views

CVE-2017-1509

IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 129719...

CVSS 4.3, AI score 4.1, EPSS 0.00976
Exploits: 0, References: 2
Prion
added 2018/03/23 7:29 p.m., 14 views

Design/Logic Flaw

IBM Jazz Foundation IBM Rational Collaborative Lifecycle Management 5.0 and 6.0 could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request that could be used to aid future attacks. IBM X-Force ID: 129970...

CVSS 4, AI score 4.1, EPSS 0.01854
Exploits: 0, References: 3, Affected Software: 7
Schneier on Security
added 2018/02/12 12:36 p.m., 23 views

Internet Security Threats at the Olympics

There are a lot: The cybersecurity company McAfee recently uncovered a cyber operation, dubbed Operation GoldDragon, attacking South Korean organizations related to the Winter Olympics. McAfee believes the attack came from a nation state that speaks Korean, although it has no definitive proof tha...

AI score 6.8
Exploits: 0
FireEye
added 2017/10/26 3:0 p.m., 507 views

BACKSWING - Pulling a BADRABBIT Out of a Hat

Executive Summary On Oct. 24, 2017, coordinated strategic web compromises started to distribute BADRABBIT ransomware to unwitting users. FireEye appliances detected the download attempts and blocked our user base from infection. During our investigation into the activity, FireEye identified a...

Exploits: 0
Cvelist
added 2017/08/29 6:0 p.m., 26 views

CVE-2016-2971

IBM Sametime Media Services 8.5.2 and 9.0 can disclose sensitive information in stack trace error logs that could aid an attacker in future attacks. IBM X-Force ID: 113898...

AI score 5, EPSS 0.01329
Exploits: 0, References: 4
Check Point Advisories
added 2015/03/18 12:0 a.m., 0 views

Masscan Port Scanner

Masscan is a port scanning product. Use of this product might indicate an attempt to collect data regarding the target network, and use it for future attacks...

AI score 1.3
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 15 views

FloosieTek FTGatePro 1.2 WebAdmin Interface Information Disclosure Weakness

No description provided by source. source: http://www.securityfocus.com/bid/8578/info A weakness has been reported in the FTGatePro WebAdmin Interface that could allow an unauthorized user to gain sensitive information. The problem is believed to occur due to insufficient access controls put in...

AI score 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 13 views

CuteNews 1.3 Debug Query Information Disclosure Weakness

No description provided by source. source: http://www.securityfocus.com/bid/9130/info An information disclosure weakness has been reported in CuteNews 1.3, that may expose sensitive server configuration data. The problem occurs due to CuteNews accepting a debug query that will result in the...

AI score 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 20 views

Apache 0.8.x/1.0.x,NCSA httpd 1.x test-cgi Directory Listing Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2003/info NCSA HTTPd and comes with a CGI sample shell script, test-cgi, located by default in /cgi-bin. This script does not properly enclose an ECHO command in quotes, and as a result shell expansion of the character ca...

AI score 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 10 views

Killer Protection 1.0 Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5905/info The Killer Protection PHP script is prone to an information-disclosure issue. Reportedly, unauthorized users can access sensitive user data by requesting the 'vars.inc' file in a malicious HTTP request. Exploiti...

AI score 7.1
Exploits: 0
ThreatPost
added 2014/03/05 3:22 p.m., 10 views

Meetup.com Back Online After DDoS Attacks, Extortion

Social networking site Meetup.com is finally back online today, yet officials at the site are warning it could still face future outages following a series of sustained distributed denial of service attacks (DDoS) over the weekend. Meetup is a social networking portal that allows individuals with...

AI score 7.3
Exploits: 0, References: 3
Mozilla
added 2005/03/22 12:0 a.m., 39 views

Drag and drop loading of privileged XUL — Mozilla

A malicious page that could lure a user into dragging something such as a fake scrollbar can bypass the restriction on opening privileged XUL. The startup scripts in the XUL will run with enhanced privilege, though the actions taken upon merely opening most XUL are benign. So far no way to run...

CVSS 5.1, AI score 1, EPSS 0.03307
Exploits: 1, References: 3, Affected Software: 2
exploitpack
added 2003/09/10 12:0 a.m., 22 views

FloosieTek FTGatePro 1.2 - WebAdmin Interface Information Disclosure

FloosieTek FTGatePro 1.2 - WebAdmin Interface Information Disclosure source: https://www.securityfocus.com/bid/8578/info A weakness has been reported in the FTGatePro WebAdmin Interface that could allow an unauthorized user to gain sensitive information. The problem is believed to occur due to...

AI score 7.2
Exploits: 0
Exploit DB
added 2000/05/10 12:0 a.m., 23 views

Matt Wright FormMail 1.6/1.7/1.8 - Environmental Variables Disclosure

source: https://www.securityfocus.com/bid/1187/info An unauthorized remote user is capable of obtaining CGI environmental variable information from a web server running Matt Wright FormMail by requesting a specially formed URL that specifies the email address to send the details to. This is...

AI score 7.4
Exploits: 0