Lucene search
K

80 matches found

prion
prion
added 2023/08/08 1:15 a.m.25 views

Authentication flaw

Due to missing authentication check in SAP Host Agent - version 7.22, an unauthenticated attacker can set an undocumented parameter to a particular compatibility value and in turn call read functions. This allows the attacker to gather some non-sensitive information about the server. There is no...

5CVSS5.2AI score0.00385EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2023/08/08 12:0 a.m.5 views

PT-2023-4215 · Sap · Sap Host Agent

Name of the Vulnerable Software and Affected Versions: SAP Host Agent version 7.22 Description: The issue is related to a missing authentication check in the SAP Host Agent, allowing an unauthenticated attacker to set an undocumented parameter to a particular compatibility value. This enables the...

5.3CVSS7.2AI score0.00385EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2023/06/19 12:0 a.m.4 views

PT-2023-25091 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions 2.5.0 through 2.6.1 Description: The issue in Apache Airflow involves the potential exposure of sensitive values to users under certain conditions. This is mitigated by the default configuration not showing sensitive...

7.1CVSS6.2AI score0.01518EPSS
Exploits0References12
cvelist
cvelist
added 2022/11/10 5:34 a.m.33 views

CVE-2022-3866 Nomad Workload Identity Token Can List Non-sensitive Metadata for Paths Under nomad/

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. Fixed in 1.4.2...

5CVSS5.4AI score0.00508EPSS
Exploits0References1
prion
prion
added 2022/07/01 6:15 p.m.14 views

Input validation

An improper validation vulnerability in IBM InfoSphere Information Server 11.7 Pack for SAP Apps and BW Packs may lead to creation of directories and files on the server file system that may contain non-sensitive debugging information like stack traces. IBM X-Force ID: 221323...

5.5CVSS5.2AI score0.00505EPSS
Exploits0References2Affected Software1
cnvd
cnvd
added 2022/04/18 12:0 a.m.25 views

IBM Aspera High-Speed Transfer信息泄露漏洞

IBM Aspera is a fast file transfer and streaming solution built on the IBM FASP protocol from IBM U.S.A. An information disclosure vulnerability exists in IBM Aspera High-Speed Transfer, which could be exploited by attackers to obtain information from non-sensitive operating system files to which...

4.3CVSS3.6AI score0.00676EPSS
Exploits0References1
prion
prion
added 2022/04/14 6:15 p.m.13 views

Information disclosure

IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain information from non sensitive operating system files that they should not have access to. IBM X-Force ID: 222059...

4CVSS4.1AI score0.00676EPSS
Exploits0References2Affected Software2
cnnvd
cnnvd
added 2022/04/14 12:0 a.m.5 views

IBM Aspera 信息泄露漏洞

IBM Aspera is a fast file transfer and streaming solution built on the IBM FASP protocol from IBM U.S.A. An information disclosure vulnerability exists in IBM Aspera High-Speed Transfer, which could be exploited by attackers to obtain information from non-sensitive operating system files to which...

4.3CVSS5.3AI score0.00676EPSS
Exploits0References4
osv
osv
added 2020/12/26 5:22 a.m.9 views

OPENSUSE-SU-2020:2331-1 Security update for xen

This update for xen fixes the following issues: - CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. - CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...

8.8CVSS5.6AI score0.00438EPSS
Exploits0References17
nessus
nessus
added 2020/12/23 12:0 a.m.49 views

SUSE SLES12 Security Update : xen (SUSE-SU-2020:3913-1)

This update for xen fixes the following issues : CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...

8.8CVSS6.4AI score0.0183EPSS
Exploits1References27
cvelist
cvelist
added 2019/07/23 10:34 p.m.25 views

CVE-2019-11273 PKS Telemetry logs credentials

Pivotal Container Services PKS versions 1.3.x prior to 1.3.7, and versions 1.4.x prior to 1.4.1, contains a vulnerable component which logs the username and password to the billing database. A remote authenticated user with access to those logs may be able to retrieve non-sensitive information...

2.2CVSS4.5AI score0.01032EPSS
Exploits0References1
hackerone
hackerone
added 2019/05/07 3:18 p.m.15 views

Mail.ru: Full Path Disclosure

crisis.mail.ru revealed non-sensitive information, such as application installation path via error messages. crisis.mail.ru is a domain name delegated to partner service...

2.8AI score
Exploits0
hackerone
hackerone
added 2018/10/03 4:37 p.m.50 views

Mail.ru: Найден build.sh в webagent.mail.ru

Source code of build script for web application was available for download. It could leak some non-sensitive information on internal build processes and configurations...

1.5AI score
Exploits0
hackerone
hackerone
added 2018/07/17 5:55 p.m.20 views

Snapchat: Client IP Spoofing using "X-Forwarded-For: 127.0.0.1" on "studio-app.snapchat.com" exposing bucket details

Researcher's summary is accurate. An attacker could view a variety of non-sensitive service config information by setting the X-Forwarded-For: 127.0.0.1 header on a specific service path. By adding "X-Forwarded-For: 127.0.0.1" as a header while requesting a certain path on a certain snapchat...

1.8AI score
Exploits0
osv
osv
added 2017/12/11 9:29 p.m.4 views

CVE-2017-1613

IBM Connections 6.0 could allow an unauthenticated remote attacker to gain unauthenticated or unauthorized access to non-sensitive Engagement Center template data. IBM X-Force ID: 132954...

5.3CVSS5.8AI score0.01533EPSS
Exploits0References3
prion
prion
added 2017/12/11 9:29 p.m.19 views

Code injection

IBM Connections 6.0 could allow an unauthenticated remote attacker to gain unauthenticated or unauthorized access to non-sensitive Engagement Center template data. IBM X-Force ID: 132954...

5CVSS5.4AI score0.01533EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2017/06/30 3:29 a.m.17 views

CVE-2017-6040

An Information Exposure issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. Non-sensitive information can be obtained anonymously...

5.3CVSS5.8AI score0.00946EPSS
Exploits0References1
osv
osv
added 2017/06/30 3:29 a.m.4 views

CVE-2017-6040

An Information Exposure issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. Non-sensitive information can be obtained anonymously...

5.3CVSS5.8AI score0.00946EPSS
Exploits0References1
cnvd
cnvd
added 2017/06/30 12:0 a.m.6 views

Belden Hirschmann GECKO Information Disclosure Vulnerability

The Belden Hirschmann GECKO is the lean managed industrial Ethernet switch. An information disclosure vulnerability exists in the Belden Hirschmann GECKO switch. An attacker could exploit this vulnerability to obtain non-sensitive information...

5.3CVSS6.3AI score0.00946EPSS
Exploits0References1
thn
thn
added 2011/06/14 3:37 a.m.5 views

Lulzsec Hackers Break Into U.S. Senate Computers

Lulzsec Hackers Break Into U.S. Senate Computers The loosely organized hacker group Lulz Security broke into a public portion of the Senate website but did not reach behind a firewall into a more sensitive portion of the network, Martina Bradford, the deputy Senate sergeant at arms.Lulz announced...

7AI score
Exploits0
Rows per page
Query Builder