Lucene search
K

9 matches found

Vulnrichment
Vulnrichment
added 2026/06/11 6:19 p.m.8 views

CVE-2026-45178 Idira Secrets Manager Self-Hosted: Improper Access Control in Internal Cluster Endpoints

Idira Secrets Manager Self-Hosted versions 13.8.0 and lower exhibit improper access control within internal cluster endpoints. A remote, authenticated attacker possessing standard node-level credentials could leverage these endpoints to potentially retrieve unauthorized secrets or cause a denial ...

8.4CVSS5.5AI score0.00361EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.6 views

Ambassador API Gateway Diagnostics Sensitive Information Disclosure

Ambassador API Gateway includes a diagnostics portal that provides detailed information about the API Gateway's configuration and operation. If this portal is accessible without proper authentication, it can expose sensitive information such as service mappings, API endpoints, routing...

6.5AI score
Exploits0References2
CNVD
CNVD
added 2019/06/24 12:0 a.m.4 views

Apache Geode server security bypass vulnerability

Apache Geode is the Apache Software Foundation's suite of management platforms for distributed cloud architectures that provide real-time and consistent access to data for data-intensive applications. A security vulnerability exists in Apache Geode server versions 1.0.0 through 1.8.0. An attacker...

6.5CVSS6.8AI score0.02192EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/06/21 3:15 p.m.16 views

CVE-2017-15694

When an Apache Geode server versions 1.0.0 to 1.8.0 is operating in secure mode, a user with write permissions for specific data regions can modify internal cluster metadata. A malicious user could modify this data in a way that affects the operation of the cluster...

6.3AI score0.02192EPSS
Exploits0References2
CNVD
CNVD
added 2018/05/29 12:0 a.m.6 views

IBM Storwize V7000 Unified Information Disclosure Vulnerability (CNVD-2018-10565)

IBM Storwize V7000 Unified is a virtualized storage system from IBM USA. The system provides a single point of control over storage resources, automatic optimization of application storage performance, and other features. A security vulnerability exists in the Web management interface in IBM...

7.5CVSS6.6AI score0.02013EPSS
Exploits2References1
Prion
Prion
added 2018/05/25 2:29 p.m.17 views

Code injection

The IBM Storwize V7000 Unified management Web interface 1.6 exposes internal cluster details to unauthenticated users. IBM X-Force ID: 140398...

5CVSS7.2AI score0.02013EPSS
Exploits2References3Affected Software1
NVD
NVD
added 2018/05/25 2:29 p.m.15 views

CVE-2018-1467

The IBM Storwize V7000 Unified management Web interface 1.6 exposes internal cluster details to unauthenticated users. IBM X-Force ID: 140398...

7.5CVSS5.8AI score0.02013EPSS
Exploits2References3
CVE
CVE
added 2018/05/25 2:0 p.m.38 views

CVE-2018-1467

CVE-2018-1467 affects IBM Storwize V7000 Unified: the management Web interface 1.6 exposes internal cluster details to unauthenticated users. Affected code releases span 1.6.0.0–1.6.2.3; IBM lists a fix in v1.6.2.4 or later. If details are needed, refer to IBM’s Security Bulletin for the affected...

7.5CVSS7.5AI score0.02013EPSS
Exploits2References3Affected Software1
CNVD
CNVD
added 2018/05/22 12:0 a.m.4 views

CoreOS Tectonic Information Disclosure Vulnerability

CoreOS Tectonic is an automated enterprise Kubernetes platform. The platform automates operational tasks, enabling platform portability and multi-cluster management. An information disclosure vulnerability exists in CoreOS Tectonic version 1.7.x before 1.7.9-tectonic.4 and version 1.8.x before...

7.5CVSS6.4AI score0.01671EPSS
Exploits0References1
Rows per page
Query Builder