13 matches found
CVE-2025-56760
When Memos 0.22 is configured to store objects locally, an attacker can create a file via the CreateResource endpoint containing a path traversal sequence in the name, allowing arbitrary file write on the server...
CVE-2024-22349
IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 allows web pages to be stored locally which can be read by another user on the system...
IBM Maximo Asset Management and IBM Maximo Application Suite Security Vulnerabilities
IBM Maximo Asset Management and IBM Maximo Application Suite are both products of International Business Machines IBM, U.S.A. IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution. The solution is capable of managing all types of assets, such as...
CVE-2023-27545 IBM Watson CloudPak for Data Data Stores information disclosure
IBM Watson CloudPak for Data Data Stores information disclosure 4.6.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 248947...
CVE-2022-22314
IBM Planning Analytics Local 2.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 217371...
CVE-2022-22314
IBM Planning Analytics Local 2.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 217371...
IBM Edge 安全漏洞
Edge is a Node.js logic and template engine that contains batteries. IBM Edge has an information disclosure vulnerability that stems from the fact that IBM Edge allows web pages to be stored locally, which can be exploited by an attacker to read those pages...
IBM Edge 安全漏洞
Edge is a Node.js logic and template engine that contains batteries. IBM Edge has an information disclosure vulnerability that stems from the fact that IBM Edge allows web pages to be stored locally, which can be exploited by an attacker to read those pages...
IBM Application Performance Management Security Vulnerability
IBM Application Performance Management APM is a suite of IT service management software from IBM in the United States. The software is primarily used to monitor and manage cloud, on-premise and hybrid applications, and IT infrastructure. A security vulnerability exists in the IBM Application...
Security Bulletin: IBM Security Access Manager Appliance is affected by a vulnerability (CVE-2017-1478)
Summary IBM Security Access Manager Appliance has addressed the following vulnerability due to locally stored web pages. Vulnerability Details CVEID: CVE-2017-1478 DESCRIPTION: IBM Security Access Manager Appliance allows web pages to be stored locally which can be read by another user on the...
Procter&Gamble Oral-B App for Android Privilege Gain Vulnerability
Procter&Gamble Oral-B App for Android is an Android-based electric toothbrush management app from Procter&Gamble. A security vulnerability exists in version 5.0.0 of the Procter&Gamble Oral-B App for Android, which stems from the program's use of AES encryption with static parameters. An attacker...
Design/Logic Flaw
In the Procter & Gamble "Oral-B App" aka com.pg.oralb.oralbapp application 5.0.0 for Android, AES encryption with static parameters is used to secure the locally stored shared preferences. An attacker can gain access to locally stored user data more easily by leveraging access to the preferences...
CVE-2018-5298
In the Procter & Gamble "Oral-B App" aka com.pg.oralb.oralbapp application 5.0.0 for Android, AES encryption with static parameters is used to secure the locally stored shared preferences. An attacker can gain access to locally stored user data more easily by leveraging access to the preferences...