Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/04/24 2:48 p.m.6 views

CVE-2026-40611

A flaw was found in lego, the Let's Encrypt client and ACME library written in Go. A malicious ACME Automated Certificate Management Environment server can exploit a path traversal vulnerability in the webroot HTTP-01 challenge provider. By supplying a specially crafted challenge token containing...

8.8CVSS5.6AI score0.0034EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/02/03 12:0 a.m.3 views

PT-2023-1394 · Argo Cd · Argo Cd

Name of the Vulnerable Software and Affected Versions: Argo CD versions 2.6.0-rc1 through 2.6.0 Description: The issue is related to an output sanitization bug in Argo CD, which leaks repository access credentials in error messages. These error messages are visible to the user and are logged. The...

6.5CVSS9.4AI score0.00843EPSS
Exploits0References15
Qualys Blog
Qualys Blog
added 2021/04/01 5:1 p.m.39 views

Assessing Mainframe Compliance While Minimizing Operational Impact

While many in the industry consider mainframes to be inherently secure systems that dont require additional hardening, this is not the case, according to recent Forrester surveys which reveal that security incidents are commonplace in mainframes. Mainframes are the backbone of many businesses and...

Exploits0
Symantec
Symantec
added 2019/12/16 12:0 a.m.32 views

Atlassian Crowd CVE-2017-18107 Cross Site Request Forgery Vulnerability

Description Atlassian Crowd is prone to a cross-site request-forgery vulnerability because it fails to properly validate HTTP requests. Exploiting this issue allows a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also...

0.1AI score0.00449EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/02/21 7:59 a.m.13 views

Information disclosure

Sensitive Information Disclosure in com.trend.iwss.gui.servlet.ConfigBackup in Trend Micro InterScan Web Security Virtual Appliance IWSVA version 6.5-SP2BuildLinux1707 and earlier allows authenticated, remote users with least privileges to backup the system configuration and download it onto thei...

4CVSS6.5AI score0.03021EPSS
Exploits3References3Affected Software1
OSV
OSV
added 2017/02/21 7:59 a.m.8 views

CVE-2016-9269

Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance IWSVA version 6.5-SP2BuildLinux1707 and earlier allows authenticated, remote users with least privileges to run arbitrary commands on the system as root via Patch Update...

9.9CVSS6AI score0.13419EPSS
Exploits3References3
Symantec
Symantec
added 2003/11/11 12:0 a.m.16 views

Microsoft Internet Explorer Mouse Click Event Hijacking Vulnerability

Description A vulnerability exists in Internet Explorer when handling specific DHTML events, allowing a malicious Web page to intercept mouse click events to perform unintended drag and drop operations. In particular, it is possible to simulate a mouse drag and drop event through use of the moveB...

Exploits0References2Affected Software1
Rows per page
Query Builder