86 matches found

RedhatCVE
added 2026/01/09 9:3 a.m. | 10 views

CVE-2024-39730

IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attack...

5.4 CVSS | 7 AI score | 0.00199 EPSS
Exploits 0 | References 1

RedhatCVE
added 2026/01/09 8:34 a.m. | 8 views

CVE-2024-41987

The TEM Opera Plus FM Family Transmitter application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a...

8.6 CVSS | 6.8 AI score | 0.00235 EPSS
Exploits 1 | References 1

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2023-49611

Malicious code in bioql PyPI...

8.8 CVSS | 8.4 AI score | 0.00239 EPSS
Exploits 2 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2021-7978

Malicious code in bioql PyPI...

5.4 CVSS | 5.7 AI score | 0.00641 EPSS
Exploits 0 | References 2

Cvelist
added 2025/06/28 12:36 a.m. | 8 views

CVE-2024-39730 IBM Datacap clickjacking

IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attack...

5.4 CVSS | 0.00199 EPSS
Exploits 0 | References 1

Github Security Blog
added 2025/06/04 9:9 p.m. | 23 views

webpack-dev-server users' source code may be stolen when they access a malicious web site

Summary Source code may be stolen when you access a malicious web site. Details Because the request for classic script by a script tag is not subject to same origin policy, an attacker can inject in their site and run the script. Note that the attacker has to know the port and the output entrypoi...

5.9 CVSS | 6.7 AI score | 0.00427 EPSS
Exploits 1 | References 5 | Affected Software 1

RedhatCVE
added 2025/05/23 6:26 a.m. | 13 views

CVE-2024-45082

IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displaye...

6.8 CVSS | 6.5 AI score | 0.0023 EPSS
Exploits 0 | References 1

RedhatCVE
added 2025/05/23 12:56 a.m. | 13 views

CVE-2022-34318

IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM...

6.1 CVSS | 6.5 AI score | 0.00614 EPSS
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 10:2 a.m. | 9 views

CVE-2019-17633

For Eclipse Che versions 6.16 to 7.3.0, with both authentication and TLS disabled, visiting a malicious web site could trigger the start of an arbitrary Che workspace. Che with no authentication and no TLS is not usually deployed on a public network but is often used for local installations e.g. ...

8.8 CVSS | 6.8 AI score | 0.00811 EPSS
Exploits 1 | References 1

Vulnrichment
added 2024/12/18 11:44 p.m. | 14 views

CVE-2021-29827 IBM InfoSphere Information Server clickjacking

IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks again...

5.2 CVSS | 6.7 AI score | 0.00267 EPSS
Exploits 0 | References 1

CVE
added 2024/08/29 4:39 p.m. | 62 views

CVE-2024-35133

CVE-2024-35133 affects IBM Security Verify Access (ISVA) versions 10.0.0 through 10.0.8, specifically the OIDC Provider. The vulnerability arises from an input/redirect handling flaw in the OAuth flow that allows an authenticated remote attacker to spoof the Redirect URL via an open redirect, ena...

8.2 CVSS | 6.7 AI score | 0.0163 EPSS
Exploits 2 | References 2 | Affected Software 2

Prion
added 2023/10/26 5:15 p.m. | 23 views

Code injection

The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site...

6.8 CVSS | 8.6 AI score | 0.00239 EPSS
Exploits 2 | References 2

Cvelist
added 2023/06/08 1:9 a.m. | 25 views

CVE-2023-23482 IBM Sterling Partner Engagement Manager clickjacking

IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch...

5.4 CVSS | 8.8 AI score | 0.0061 EPSS
Exploits 0 | References 2

NVD
added 2023/02/20 10:15 p.m. | 28 views

CVE-2021-32852

Countly, a product analytics solution, is vulnerable to cross-site scripting prior to version 21.11 of the community edition. The victim must follow a malicious link or be redirected there from malicious web site. The attacker must have an account or be able to create one. This issue is patched i...

9 CVSS | 5.9 AI score | 0.0093 EPSS
Exploits 1 | References 4

NVD
added 2022/02/24 5:15 p.m. | 14 views

CVE-2021-39038

IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack...

5.4 CVSS | 0.00689 EPSS
Exploits 0 | References 2

Cvelist
added 2021/12/13 5:55 p.m. | 27 views

CVE-2021-39054

IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further...

5.4 CVSS | 5.5 AI score | 0.00587 EPSS
Exploits 0 | References 2

Prion
added 2021/07/26 12:15 p.m. | 13 views

Design/Logic Flaw

IBM Sterling Connect:Direct Browser User Interface 1.4.1.1 and 1.5.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and...

4.9 CVSS | 5.4 AI score | 0.00641 EPSS
Exploits 0 | References 2 | Affected Software 1

Prion
added 2021/07/15 6:15 p.m. | 17 views

Open redirect

IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a...

4.9 CVSS | 3.5 AI score | 0.00545 EPSS
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2021/07/15 5:16 p.m. | 17 views

CVE-2021-20534

IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a...

4.5 CVSS | 3.7 AI score | 0.00545 EPSS
Exploits 0 | References 2

Veracode
added 2021/07/14 9:3 p.m. | 24 views

Access Control Bypass

firefox is vulnerable to access control bypass. A remote attacker is able to bypass security restrictions as a result of enabling of network partitioning. By persuading a victim to visit a malicious web site, the error on a domain can be overridden which had specified HTTP Strict Transport Securi...

4.3 CVSS | 2.9 AI score | 0.0084 EPSS
Exploits 0 | References 4 | Affected Software 6