Lucene search
+L

267 matches found

Cvelist
Cvelist
added 2023/10/03 11:29 a.m.30 views

CVE-2023-4102 Multiple vulnerabilities in IDM Sistemas QSige

QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application...

8.8CVSS8.8AI score0.00584EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/03 11:29 a.m.19 views

CVE-2023-4102 Multiple vulnerabilities in IDM Sistemas QSige

QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application...

8.8CVSS6.9AI score0.00584EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/03 11:26 a.m.17 views

CVE-2023-4101 Multiple vulnerabilities in IDM Sistemas QSige

The QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application...

8.8CVSS6.9AI score0.00398EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/03 11:26 a.m.31 views

CVE-2023-4101 Multiple vulnerabilities in IDM Sistemas QSige

The QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application...

8.8CVSS8.8AI score0.00398EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/03 11:22 a.m.28 views

CVE-2023-4100 Multiple vulnerabilities in IDM Sistemas QSige

Allows an attacker to perform XSS attacks stored on certain resources. Exploiting this vulnerability can lead to a DoS condition, among other actions...

6.5CVSS8AI score0.00331EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/03 11:22 a.m.13 views

CVE-2023-4100 Multiple vulnerabilities in IDM Sistemas QSige

Allows an attacker to perform XSS attacks stored on certain resources. Exploiting this vulnerability can lead to a DoS condition, among other actions...

6.5CVSS5.9AI score0.00331EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/03 11:6 a.m.13 views

CVE-2023-4099 Multiple vulnerabilities in IDM Sistemas QSige

The QSige Monitor application does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application...

7.6CVSS6.9AI score0.00322EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/03 11:6 a.m.24 views

CVE-2023-4099 Multiple vulnerabilities in IDM Sistemas QSige

The QSige Monitor application does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application...

7.6CVSS7.7AI score0.00322EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/03 11:3 a.m.12 views

CVE-2023-4098 Multiple vulnerabilities in IDM Sistemas QSige

It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the application...

8.8CVSS7.1AI score0.00493EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/03 10:46 a.m.12 views

CVE-2023-4097 Multiple vulnerabilities in IDM Sistemas QSige

The file upload functionality is not implemented correctly and allows uploading of any type of file. As a prerequisite, it is necessary for the attacker to log into the application with a valid username...

8.8CVSS7.1AI score0.00541EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/03 10:46 a.m.31 views

CVE-2023-4097 Multiple vulnerabilities in IDM Sistemas QSige

The file upload functionality is not implemented correctly and allows uploading of any type of file. As a prerequisite, it is necessary for the attacker to log into the application with a valid username...

8.8CVSS8.8AI score0.00541EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/10/03 12:0 a.m.7 views

IDM Sistemas QSige SQL Injection Vulnerability

IDM Sistemas QSige is a communication management system from IDM Sistemas. IDM Sistemas QSige suffers from a SQL injection vulnerability that stems from a web application that does not properly filter input parameters, resulting in SQL injection, DoS, or information disclosure...

8.8CVSS7.8AI score0.00493EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/10/03 12:0 a.m.5 views

IDM Sistemas QSige Security Vulnerability

IDM Sistemas QSige is a communication management system from IDM Sistemas. A security vulnerability exists in IDM Sistemas QSige Monitor that stems from the application not having an access control mechanism to verify that the user requesting the resource has sufficient privileges to perform this...

7.6CVSS6.8AI score0.00322EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/10/03 12:0 a.m.7 views

IDM Sistemas QSige Security Vulnerability

IDM Sistemas QSige is a communication management system from IDM Sistemas. A security vulnerability exists in QSige login SSO that stems from the absence of an access control mechanism to verify that the user requesting the resource has sufficient privileges to perform this operation...

8.8CVSS6.8AI score0.00398EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/10/03 12:0 a.m.7 views

IDM Sistemas QSige Cross-Site Scripting Vulnerability

IDM Sistemas QSige is a communication management system from IDM Sistemas. IDM Sistemas QSige suffers from a cross-site scripting vulnerability that stems from allowing an attacker to perform XSS attacks against certain resources, resulting in a DoS condition as well as other operations...

8.2CVSS5.8AI score0.00331EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.37 views

Oracle Linux 8 : idm:DL1 / and / idm:client (ELSA-2020-4670)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4670 advisory. bind-dyndb-ldap 11.3-1 - New upstream release - Resolves: rhbz1845211 ipa 4.8.7-12.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 295166...

6.9CVSS7AI score0.99019EPSS
Exploits17References11
NVD
NVD
added 2023/03/23 8:15 p.m.33 views

CVE-2022-36413

Zoho ManageEngine ADSelfService Plus through 6203 is vulnerable to a brute-force attack that leads to a password reset on IDM applications...

9.1CVSS9.3AI score0.03056EPSS
Exploits0References1
Prion
Prion
added 2023/03/23 8:15 p.m.31 views

Default credentials

Zoho ManageEngine ADSelfService Plus through 6203 is vulnerable to a brute-force attack that leads to a password reset on IDM applications...

6.4CVSS9.2AI score0.03056EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/23 12:0 a.m.8 views

CVE-2022-36413

Zoho ManageEngine ADSelfService Plus through 6203 is vulnerable to a brute-force attack that leads to a password reset on IDM applications...

9.3AI score0.03056EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/23 12:0 a.m.42 views

CVE-2022-36413

Zoho ManageEngine ADSelfService Plus through 6203 is vulnerable to a brute-force attack that leads to a password reset on IDM applications...

9.4AI score0.03056EPSS
Exploits0References1
Rows per page
Query Builder