Lucene search
K

63 matches found

OSV
OSV
added 2024/10/01 12:15 p.m.4 views

CVE-2024-30132

HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors...

7.5CVSS5.8AI score0.00306EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/01 12:10 p.m.20 views

CVE-2024-30132 Missing default HTTP security headers affect HCL Nomad server on Domino

HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors...

3.7CVSS6.4AI score0.00306EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/01 12:10 p.m.35 views

CVE-2024-30132 Missing default HTTP security headers affect HCL Nomad server on Domino

HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors...

3.7CVSS0.00306EPSS
Exploits0References1
NVD
NVD
added 2024/08/13 8:15 a.m.20 views

CVE-2024-41907

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V2.0. The affected application is missing general HTTP security headers in the web server. This could allow an attacker to make the servers more prone to clickjacking attack...

5.4CVSS0.00212EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/13 7:54 a.m.24 views

CVE-2024-41907

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V2.0. The affected application is missing general HTTP security headers in the web server. This could allow an attacker to make the servers more prone to clickjacking attack...

4.2CVSS0.00212EPSS
Exploits0References1
CVE
CVE
added 2024/08/13 7:54 a.m.56 views

CVE-2024-41907

The CVE-2024-41907 issue affects Siemens SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) versions prior to 2.0. The root cause described across sources is the web server’s lack of general HTTP security headers, enabling higher likelihood of clickjacking. Red Hat and CNVD entries corroborate the same ...

5.4CVSS6.8AI score0.00212EPSS
Exploits0References1Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:26 p.m.5 views

Malicious code in Be.Vlaandereո.Basisregisters.AspNetCore.Mvc.Middlewаre.AddHttpSeсurityHeаders (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Cvelist
Cvelist
added 2023/12/12 10:2 a.m.38 views

CVE-2023-4958 Stackrox: missing http security headers allows for clickjacking in web ui

In Red Hat Advanced Cluster Security RHACS, it was found that some security related HTTP headers were missing, allowing an attacker to exploit this with a clickjacking attack. An attacker could exploit this by convincing a valid RHACS user to visit an attacker-controlled web page, that deceptivel...

6.1CVSS6.5AI score0.00533EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/10/19 12:0 a.m.6 views

PT-2023-28153

Name of the Vulnerable Software and Affected Versions Home Assistant versions prior to 2023.9.0 Description The issue concerns the omission of HTTP security headers, including the X-Frame-Options header, in Home Assistant server. This omission facilitates covert clickjacking attacks and other...

9.6CVSS9.4AI score0.0095EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2023/05/10 1:41 p.m.35 views

Moderate: Red Hat Security Advisory: Red Hat Data Grid 8.4.2 security update

An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS7.2AI score0.00877EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/06/14 10:15 a.m.3 views

CVE-2022-27219

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. Affected application is missing general HTTP security headers in the web server configured on port 443. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks a...

4.3CVSS5.8AI score0.00631EPSS
Exploits0References2
NVD
NVD
added 2022/06/14 10:15 a.m.19 views

CVE-2022-27220

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. Affected application is missing general HTTP security headers in the web server configured on port 6220. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks...

4.3CVSS0.00631EPSS
Exploits0References1
NVD
NVD
added 2022/06/14 10:15 a.m.24 views

CVE-2022-27219

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. Affected application is missing general HTTP security headers in the web server configured on port 443. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks a...

4.3CVSS0.00631EPSS
Exploits0References1
Prion
Prion
added 2022/06/14 10:15 a.m.24 views

Code injection

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. Affected application is missing general HTTP security headers in the web server configured on port 6220. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks...

4.3CVSS4.4AI score0.00631EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/06/14 9:21 a.m.26 views

CVE-2022-27220

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. Affected application is missing general HTTP security headers in the web server configured on port 6220. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks...

4.8AI score0.00631EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/06/14 9:21 a.m.34 views

CVE-2022-27219

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. Affected application is missing general HTTP security headers in the web server configured on port 443. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks a...

4.8AI score0.00631EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/04/07 12:0 a.m.26 views

QNAP QTS / QuTS hero Insufficient HTTP Security Headers (QSA-21-03)

The version of QNAP QTS or QuTS hero on the remote host is affected by a vulnerability involving insufficient HTTP security headers. This vulnerability allows remote attackers to launch privacy and security attacks. Note that Nessus has not tested for this issue but has instead relied only on the...

6.1CVSS6.3AI score0.00707EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/11/09 3:15 p.m.3 views

CVE-2021-43195

In JetBrains TeamCity before 2021.1.2, some HTTP security headers were missing...

5.3CVSS6AI score0.00685EPSS
Exploits0References2
Prion
Prion
added 2021/11/09 3:15 p.m.21 views

Security feature bypass

In JetBrains TeamCity before 2021.1.2, some HTTP security headers were missing...

5CVSS5.4AI score0.00685EPSS
Exploits0References1Affected Software1
Jetbrains
Jetbrains
added 2021/11/08 12:0 a.m.39 views

JetBrains Security Bulletin Q3 2021

JetBrains Security JetBrains Security Bulletin Q3 2021 Robert Demmer In the third quarter of 2021, we resolved a number of security issues in our products. Here’s a summary report that contains a description of each issue and the version in which it was resolved. Product | Description | Severity ...

9.8CVSS6.4AI score0.01944EPSS
Exploits0Affected Software6
Rows per page
Query Builder