Lucene search
+L

53 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2020/10/01 12:33 p.m.37 views

Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - Plexus-utils (CVE-2017-1000487)

Summary Plexus-utils could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input. By sending contents with double quoted strings, an attacker could exploit this vulnerability to execute arbitrary commands on the system...

9.8CVSS3.3AI score0.06543EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/31 9:46 p.m.54 views

Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - Apache Tomcat 7.099 (CVE-2020-13935)

Summary Apache Tomcat 7.099 is vulnerable to a denial of service, caused by improper validation of the payload length in a WebSocket frame. By sending multiple requests with invalid payload lengths, a remote attacker could exploit this vulnerability to cause the application to enter into an...

7.5CVSS0.8AI score0.87553EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/08 3:7 p.m.13 views

Security Bulletin: IBM Resilient OnPrem does not properly limit the number or frequency of pssword reset interactions

Summary IBM Resilient OnPrem does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests for password reset Vulnerability Details CVEID: CVE-2019-4532 DESCRIPTION: IBM Resilient OnPrem does not properly limit the number or...

0.7AI score
Exploits0Affected Software1
Metasploit
Metasploit
added 2018/11/30 5:36 p.m.20 views

Vulnerable domain identification

Identifying potentially vulnerable Exchange endpoints //usr/bin/env go run "$0" "$@"; exit "$?" package main import "metasploit/module" "msmail" "net" "strings" func main metadata := &module.Metadata Name: "Vulnerable domain identification", Description: "Identifying potentially vulnerable Exchan...

Exploits0
NVD
NVD
added 2011/03/09 11:0 p.m.16 views

CVE-2011-0464

Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 allows remote attackers to execute arbitrary code via unknown vectors...

10CVSS7.6AI score0.06016EPSS
Exploits0References7
Prion
Prion
added 2011/03/09 11:0 p.m.14 views

Code injection

Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 allows remote attackers to execute arbitrary code via unknown vectors...

10CVSS8.2AI score0.06016EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2011/03/09 10:0 p.m.20 views

CVE-2011-0464

Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 allows remote attackers to execute arbitrary code via unknown vectors...

7.6AI score0.06016EPSS
Exploits0References7
CVE
CVE
added 2011/03/09 10:0 p.m.49 views

CVE-2011-0464

The CVE-2011-0464 entry concerns Novell Vibe OnPrem 3.0 prior to Hot Patch 1, with a remote code execution vulnerability described as unspecified vectors. The NVD record assigns a CVSS v2 base score of 10.0 (HIGH) and indicates network attack with no authentication required, affecting confidentia...

10CVSS7.9AI score0.06016EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2011/01/07 11:0 p.m.21 views

CVE-2010-4322

Cross-site scripting XSS vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog aka What Are You Working On? field...

3.5CVSS5.3AI score0.00769EPSS
Exploits0References2
Prion
Prion
added 2011/01/07 11:0 p.m.23 views

Cross site scripting

Cross-site scripting XSS vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog aka What Are You Working On? field...

3.5CVSS5.7AI score0.00769EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2011/01/07 10:0 p.m.57 views

CVE-2010-4322

CVE-2010-4322: A stored XSS in gwtTeaming.rpc of Novell Vibe OnPrem 3 BETA via the Micro Blog field; lack of input sanitization/output encoding allows remote authenticated users to inject script. Impact includes potential session cookie theft, session hijacking, and related abuse. Fixed in the fi...

3.5CVSS5.4AI score0.00769EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2011/01/07 10:0 p.m.32 views

CVE-2010-4322

Cross-site scripting XSS vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog aka What Are You Working On? field...

5.3AI score0.00769EPSS
Exploits0References2
securityvulns
securityvulns
added 2010/12/12 12:0 a.m.73 views

Novell Vibe 3 BETA OnPrem Stored Cross-site Scripting Vulnerability

Title: Novell Vibe 3 BETA OnPrem Stored Cross-site Scripting Vulnerability Risk CVSS2 Base Score: High 7.0 Solutionary ID: SERT-VDN-1002 CVE ID: CVE-2010-4322 Solutionary disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Novell-Vibe-Beta-3-XSS-vulnerability.html Product: Vibe...

3.5CVSS0.2AI score0.00769EPSS
Exploits0
Rows per page
Query Builder