80 matches found
Authentication flaw
Due to missing authentication check in SAP Host Agent - version 7.22, an unauthenticated attacker can set an undocumented parameter to a particular compatibility value and in turn call read functions. This allows the attacker to gather some non-sensitive information about the server. There is no...
PT-2023-4215 · Sap · Sap Host Agent
Name of the Vulnerable Software and Affected Versions: SAP Host Agent version 7.22 Description: The issue is related to a missing authentication check in the SAP Host Agent, allowing an unauthenticated attacker to set an undocumented parameter to a particular compatibility value. This enables the...
PT-2023-25091 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions 2.5.0 through 2.6.1 Description: The issue in Apache Airflow involves the potential exposure of sensitive values to users under certain conditions. This is mitigated by the default configuration not showing sensitive...
CVE-2022-3866 Nomad Workload Identity Token Can List Non-sensitive Metadata for Paths Under nomad/
HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. Fixed in 1.4.2...
Input validation
An improper validation vulnerability in IBM InfoSphere Information Server 11.7 Pack for SAP Apps and BW Packs may lead to creation of directories and files on the server file system that may contain non-sensitive debugging information like stack traces. IBM X-Force ID: 221323...
IBM Aspera High-Speed Transfer信息泄露漏洞
IBM Aspera is a fast file transfer and streaming solution built on the IBM FASP protocol from IBM U.S.A. An information disclosure vulnerability exists in IBM Aspera High-Speed Transfer, which could be exploited by attackers to obtain information from non-sensitive operating system files to which...
Information disclosure
IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain information from non sensitive operating system files that they should not have access to. IBM X-Force ID: 222059...
IBM Aspera 信息泄露漏洞
IBM Aspera is a fast file transfer and streaming solution built on the IBM FASP protocol from IBM U.S.A. An information disclosure vulnerability exists in IBM Aspera High-Speed Transfer, which could be exploited by attackers to obtain information from non-sensitive operating system files to which...
OPENSUSE-SU-2020:2331-1 Security update for xen
This update for xen fixes the following issues: - CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. - CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...
SUSE SLES12 Security Update : xen (SUSE-SU-2020:3913-1)
This update for xen fixes the following issues : CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...
CVE-2019-11273 PKS Telemetry logs credentials
Pivotal Container Services PKS versions 1.3.x prior to 1.3.7, and versions 1.4.x prior to 1.4.1, contains a vulnerable component which logs the username and password to the billing database. A remote authenticated user with access to those logs may be able to retrieve non-sensitive information...
Mail.ru: Full Path Disclosure
crisis.mail.ru revealed non-sensitive information, such as application installation path via error messages. crisis.mail.ru is a domain name delegated to partner service...
Mail.ru: Найден build.sh в webagent.mail.ru
Source code of build script for web application was available for download. It could leak some non-sensitive information on internal build processes and configurations...
Snapchat: Client IP Spoofing using "X-Forwarded-For: 127.0.0.1" on "studio-app.snapchat.com" exposing bucket details
Researcher's summary is accurate. An attacker could view a variety of non-sensitive service config information by setting the X-Forwarded-For: 127.0.0.1 header on a specific service path. By adding "X-Forwarded-For: 127.0.0.1" as a header while requesting a certain path on a certain snapchat...
CVE-2017-1613
IBM Connections 6.0 could allow an unauthenticated remote attacker to gain unauthenticated or unauthorized access to non-sensitive Engagement Center template data. IBM X-Force ID: 132954...
Code injection
IBM Connections 6.0 could allow an unauthenticated remote attacker to gain unauthenticated or unauthorized access to non-sensitive Engagement Center template data. IBM X-Force ID: 132954...
CVE-2017-6040
An Information Exposure issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. Non-sensitive information can be obtained anonymously...
CVE-2017-6040
An Information Exposure issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. Non-sensitive information can be obtained anonymously...
Belden Hirschmann GECKO Information Disclosure Vulnerability
The Belden Hirschmann GECKO is the lean managed industrial Ethernet switch. An information disclosure vulnerability exists in the Belden Hirschmann GECKO switch. An attacker could exploit this vulnerability to obtain non-sensitive information...
Lulzsec Hackers Break Into U.S. Senate Computers
Lulzsec Hackers Break Into U.S. Senate Computers The loosely organized hacker group Lulz Security broke into a public portion of the Senate website but did not reach behind a firewall into a more sensitive portion of the network, Martina Bradford, the deputy Senate sergeant at arms.Lulz announced...