5 matches found

Cvelist
added 2023/03/29 1:16 p.m., 19 views

CVE-2023-1663 Authenticated Resources Accessible via Forced Browsing

Coverity versions prior to 2023.3.2 are vulnerable to forced browsing, which exposes authenticated resources to unauthorized actors. The root cause of this vulnerability is an insecurely configured servlet mapping for the underlying Apache Tomcat server. As a result, the downloads directory and i...

CVSS 6.5 | AI score 6.6 | EPSS 0.00431
Exploits: 0 | References: 2
Prion
added 2021/04/13 5:15 p.m., 17 views

Input validation

The XML Import functionality of the Administration console in Perforce Helix ALM 2020.3.1 Build 22 accepts XML input data that is parsed by insecurely configured software components, leading to XXE attacks...

CVSS 4 | AI score 5.1 | EPSS 0.00891
Exploits: 1 | References: 1 | Affected Software: 1
Prion
added 2020/12/07 4:15 p.m., 16 views

XXE

An issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. The ReqIF XML data, used by the codebeamer ALM application to import projects, is parsed by insecurely configured software components, which can be abused for XML External Entity Attacks...

CVSS 4.3 | AI score 5.5 | EPSS 0.00905
Exploits: 1 | References: 2 | Affected Software: 1
Cvelist
added 2019/06/06 12:35 a.m., 17 views

CVE-2019-4185

IBM InfoSphere Information Server 11.7.1 containers are vulnerable to privilege escalation due to an insecurely configured component. IBM X-Force ID: 158975...

CVSS 8.3 | AI score 8.2 | EPSS 0.0059
Exploits: 0 | References: 2
The Hacker News
added 2018/06/11 10:15 a.m., 80 views

Hackers Stole Over $20 Million in Ethereum from Insecurely Configured Clients

Security researchers have been warning about cybercriminals who have made over 20 million dollars in just the past few months by hijacking insecurely configured Ethereum nodes exposed on the Internet. Qihoo 360 Netlab in March tweeted about a group of cybercriminals who were scanning the Internet for...

AI score 0.9
Exploits: 0