23 matches found
EUVD-2017-10327
Malware in sbrugna...
EUVD-2017-10157
Malware in sbrugna...
Security Bulletin: IBM Insights Foundation for Energy could allow an authenticated user to obtain sensitive information from error messages (CVE-2017-1141)
Summary IBM Insights Foundation for Energy could allow an authenticated user to obtain sensitive information from error messages. Vulnerability Details CVEID:CVE-2017-1141 DESCRIPTION:IBM Insights Foundation for Energy could allow an authenticated user to obtain sensitive information from error...
Code injection
IBM Insights Foundation for Energy 2.0 could reveal sensitive information in error messages to authenticated users that could e used to conduct further attacks. IBM X-Force ID: 126457...
CVE-2017-1342
IBM Insights Foundation for Energy 2.0 could reveal sensitive information in error messages to authenticated users that could e used to conduct further attacks. IBM X-Force ID: 126457...
CVE-2017-1342
IBM Insights Foundation for Energy 2.0 could reveal sensitive information in error messages to authenticated users that could e used to conduct further attacks. IBM X-Force ID: 126457...
CVE-2017-1342
IBM Insights Foundation for Energy 2.0 is affected by a publicly documented information-disclosure vulnerability. An authenticated user could learn sensitive details from error messages, which could be leveraged to conduct further attacks. The exact root cause, affected versions, and remediation ...
CVE-2017-1342
IBM Insights Foundation for Energy 2.0 could reveal sensitive information in error messages to authenticated users that could e used to conduct further attacks. IBM X-Force ID: 126457...
IBM Insights Foundation for Energy SQL Injection Vulnerability
IBM Insights Foundation for Energy is a suite of energy analytics, data management and visualization solutions from IBM in the United States. A SQL injection vulnerability exists in IBM Insights Foundation for Energy version 2.0. A remote attacker can exploit the vulnerability by sending speciall...
IBM Insights Foundation for Energy Cross-Site Scripting Vulnerability
IBM Insights Foundation for Energy is a suite of energy analytics, data management and visualization solutions from IBM in the United States. A cross-site scripting vulnerability exists in IBM Insights Foundation for Energy version 2.0. A remote attacker can exploit this vulnerability to inject...
CVE-2017-1311
IBM Insights Foundation for Energy 2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 125719...
CVE-2017-1345
IBM Insights Foundation for Energy 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126460...
Cross site scripting
IBM Insights Foundation for Energy 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126460...
Sql injection
IBM Insights Foundation for Energy 2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 125719...
CVE-2017-1311
IBM Insights Foundation for Energy 2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 125719...
CVE-2017-1345
IBM Insights Foundation for Energy 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126460...
CVE-2017-1345
The CVE-2017-1345 entry concerns IBM Insights Foundation for Energy 2.0, where a cross-site scripting vulnerability exists in the Web UI. The incident allows an attacker to inject arbitrary JavaScript into the Web UI, potentially altering functionality and leading to credentials disclosure within...
CVE-2017-1311
IBM Insights Foundation for Energy 2.0 is affected by a SQL injection vulnerability. A remote attacker can send specially crafted SQL statements to view, add, modify, or delete data in the back-end database. This is documented across multiple sources (e.g., NVD/NVD-derived entries and CNVD), whic...
IBM Insights Foundation for Energy Sensitive Information Disclosure Vulnerability
IBM Insights Foundation for Energy is a suite of energy analytics, data management and visualization solutions from IBM in the United States. A sensitive information disclosure vulnerability exists in IBM Insights Foundation for Energy versions 1.0,1.5 and 1.6. It allows authenticated users to...
CVE-2017-1141
IBM Insights Foundation for Energy 1.0, 1.5, and 1.6 could allow an authenticated user to obtain sensitive information from error messages. IBM X-Force ID: 121907...