7691 matches found

OpenVAS
added 2021/06/03 12:0 a.m., 25 views

Fedora: Security Advisory for curl (FEDORA-2021-eb5b7c53a9)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1 CVSS, 5.5 AI score, 0.60122 EPSS
Exploits 1, References 2

IBM Security Bulletins
added 2021/06/02 9:56 p.m., 92 views

Security Bulletin: Vulnerability in Fabric OS used by IBM b-type SAN directors and switches.

Summary: Publicly disclosed vulnerability from OpenSSL in the Fabric OS used by IBM b-type SAN directors and switches. Vulnerability Details: CVEID: CVE-2020-1968. DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a Raccoon attack in the TLS specification. B...

4.3 CVSS, 4.7 AI score, 0.04803 EPSS
Exploits 0, Affected Software 1

NVD
added 2021/06/01 2:15 p.m., 18 views

CVE-2019-4471

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for a sensitive cookie in an HTTPS session. A remote attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 163780...

6.5 CVSS, 0.01049 EPSS
Exploits 0, References 3

CNVD
added 2021/06/01 12:0 a.m., 6 views

Unspecified Vulnerability in Apache Fineract

Apache Fineract is an open source digital financial services platform from the U.S. Apache Foundation. The platform provides users with data management, loan and savings portfolio management, real-time financial data and other functions. A security vulnerability exists in Apach...

7.4 CVSS, 6.9 AI score, 0.03401 EPSS
Exploits 0, References 1

CVE
added 2021/05/31 3:10 p.m., 47 views

CVE-2019-4471

CVE-2019-4471 affects IBM Cognos Analytics 11.0 and 11.1, where a sensitive cookie in HTTPS sessions may be missing the Secure flag, enabling an information disclosure by a remote attacker. The root cause is the failure to set the secure flag on a cookie containing sensitive data. Impact per sour...

6.5 CVSS, 6.7 AI score, 0.01049 EPSS
Exploits 0, References 3, Affected Software 1

Cvelist
added 2021/05/31 3:10 p.m., 22 views

CVE-2019-4471

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for a sensitive cookie in an HTTPS session. A remote attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 163780...

5.3 CVSS, 6.2 AI score, 0.01049 EPSS
Exploits 0, References 3

Fedora
added 2021/05/28 1:1 a.m., 60 views

[SECURITY] Fedora 34 Update: curl-7.76.1-3.fc34

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

6.8 CVSS, 0.60122 EPSS
Exploits 2

CNNVD
added 2021/05/28 12:0 a.m., 3 views

IBM Cognos Analytics Information Disclosure Vulnerability

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. An information disclosure...

6.5 CVSS, 8.5 AI score, 0.01049 EPSS
Exploits 0, References 4

Prion
added 2021/05/27 8:15 p.m., 26 views

Server-side request forgery (SSRF)

A server-side request forgery (SSRF) flaw was found in Ansible Tower in versions before 3.6.5 and before 3.7.2. Functionality on the Tower server is abused by supplying a URL that could lead to the server processing it. This flaw leads to the connection to internal services or the exposure of...

2.1 CVSS, 5.4 AI score, 0.00249 EPSS
Exploits 0, References 1, Affected Software 1

Prion
added 2021/05/27 5:15 p.m., 22 views

Open redirect

Tenancy multi-tenant is an open source multi-domain controller for the Laravel web framework. In some situations, it is possible to have open redirects where users can be redirected from your site to any other site using a specially crafted URL. This is only the case for installations where the...

5.8 CVSS, 6.2 AI score, 0.0102 EPSS
Exploits 0, References 4, Affected Software 1

Cvelist
added 2021/05/27 4:50 p.m., 35 views

CVE-2021-32645 Open Redirect in tenancy

Tenancy multi-tenant is an open source multi-domain controller for the Laravel web framework. In some situations, it is possible to have open redirects where users can be redirected from your site to any other site using a specially crafted URL. This is only the case for installations where the...

4.3 CVSS, 6.4 AI score, 0.0102 EPSS
Exploits 0, References 4

NVD
added 2021/05/27 12:15 p.m., 16 views

CVE-2021-28662

An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly occur in benign network traffic...

6.5 CVSS, 0.71867 EPSS
Exploits 0, References 8

OSV
added 2021/05/27 12:15 p.m., 15 views

CVE-2021-28662

An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly occur in benign network traffic...

6.5 CVSS, 6.7 AI score
Exploits 0, References 8

NVD
added 2021/05/27 12:15 p.m., 19 views

CVE-2020-17514

Apache Fineract prior to 1.5.0 disables HTTPS hostname verification in ProcessorHelper in the configureClient method. Under typical deployments, a man in the middle attack could be successful...

7.4 CVSS, 0.03401 EPSS
Exploits 0, References 3

OSV
added 2021/05/27 12:15 p.m., 18 views

CVE-2020-17514

Apache Fineract prior to 1.5.0 disables HTTPS hostname verification in ProcessorHelper in the configureClient method. Under typical deployments, a man in the middle attack could be successful...

7.4 CVSS, 6.7 AI score
Exploits 0, References 3

UbuntuCve
added 2021/05/27 12:15 p.m., 33 views

CVE-2021-28662

An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly occur in benign network traffic...

6.5 CVSS, 6.9 AI score, 0.71867 EPSS
Exploits 0, References 3

Prion
added 2021/05/27 12:15 p.m., 68 views

Design/Logic Flaw

An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly occur in benign network traffic...

4.3 CVSS, 6.7 AI score, 0.71867 EPSS
Exploits 0, References 8, Affected Software 3

Prion
added 2021/05/27 12:15 p.m., 14 views

Code injection

Apache Fineract prior to 1.5.0 disables HTTPS hostname verification in ProcessorHelper in the configureClient method. Under typical deployments, a man in the middle attack could be successful...

5.8 CVSS, 7.3 AI score, 0.03401 EPSS
Exploits 0, References 3, Affected Software 1

Cvelist
added 2021/05/27 12:10 p.m., 21 views

CVE-2020-17514 disabled hostname verification

Apache Fineract prior to 1.5.0 disables HTTPS hostname verification in ProcessorHelper in the configureClient method. Under typical deployments, a man in the middle attack could be successful...

7.3 AI score, 0.03401 EPSS
Exploits 0, References 3

CVE
added 2021/05/27 12:10 p.m., 48 views

CVE-2020-17514

Apache Fineract up to version 1.5.0 disables HTTPS hostname verification in ProcessorHelper.configureClient, enabling potential MITM if hostname checks are not performed. This affects the client-communication security path and is documented across multiple sources (e.g., RH security pages and CVE...

7.4 CVSS, 7.3 AI score, 0.03401 EPSS
Exploits 0, References 3, Affected Software 1