Lucene search
K

75 matches found

CVE
CVE
added 2025/01/25 1:55 p.m.57 views

CVE-2023-38714

CVE-2023-38714 affects IBM Cloud Pak System versions 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, and 2.3.3.7 iFix1, with the issue described as disclosing sensitive information about the system that could aid in further attacks. The IBM secur...

7.5CVSS5AI score0.00314EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.24 views

EulerOS 2.0 SP9 : python-requests (EulerOS-SA-2025-1044)

According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been...

4.3CVSS5AI score0.00374EPSS
Exploits0References2
NVD
NVD
added 2024/12/03 5:15 p.m.35 views

CVE-2024-25035

IBM Cognos Controller 11.0.0 and 11.0.1 exposes server details that could allow an attacker to obtain information of the application environment to conduct further attacks...

5.3CVSS0.00301EPSS
Exploits0References1
OSV
OSV
added 2024/11/14 6:15 p.m.12 views

CVE-2024-1682

An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been claimed by an external party. The use of this unclaimed S3 bucket could lead to data integrity issues, data leakage, availability problems, loss of...

4.3CVSS7AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/14 5:32 p.m.37 views

CVE-2024-1682 Unclaimed S3 Bucket Reference in psf/requests Documentation

An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been claimed by an external party. The use of this unclaimed S3 bucket could lead to data integrity issues, data leakage, availability problems, loss of...

4.3CVSS7AI score0.00374EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2024/07/15 6:32 p.m.9 views

RISC Zero zkVM notes on zero-knowledge

RISC Zero zkVM was designed from its inception to provide three main guarantees: 1. Computational integrity: that a given software program executed correctly. 2. Succinctness: that the proof of execution does not grow in relation to the program being executed. 3. Zero Knowledge: that details of t...

7AI score
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2024/05/14 6:15 p.m.20 views

CVE-2024-4766

Different techniques existed to obscure the fullscreen notification in Firefox for Android. These could have led to potential user confusion and spoofing attacks. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox 126...

4.3CVSS7.2AI score0.00393EPSS
Exploits0References5
Prion
Prion
added 2023/09/08 6:15 p.m.25 views

Design/Logic Flaw

In some configuration scenarios, the Domino server host name can be exposed. This information could be used to target future attacks...

5CVSS5.1AI score0.00328EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/08/08 12:0 a.m.6 views

PT-2023-4773 · Siemens · Ruggedcom Rs900 +27

Name of the Vulnerable Software and Affected Versions: RUGGEDCOM i800 versions RUGGEDCOM i801 versions RUGGEDCOM i802 versions RUGGEDCOM i803 versions RUGGEDCOM M2100 versions RUGGEDCOM M2200 versions RUGGEDCOM M969 versions RUGGEDCOM RMC30 versions RUGGEDCOM RMC8388 versions 4.X through 5.X...

9.8CVSS9.3AI score0.00579EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2023/06/02 5:15 p.m.57 views

CVE-2023-28159

The fullscreen notification could have been hidden on Firefox for Android by using download popups, resulting in potential user confusion or spoofing attacks. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 111...

4.3CVSS6.7AI score0.00348EPSS
Exploits0References2
Code423n4
Code423n4
added 2022/11/09 12:0 a.m.11 views

No Allowlist For Bridgeable ERC-20 Tokens

Lines of code Vulnerability details Vulnerability Details We noticed that the deposit function of the L1ERC20Bridge contract code snippet 1 permits a user to bridge any ERC-20 tokens including deflationary and rebase tokens from the L1 to the L2 network. We considered that permitting non-standard...

6.7AI score
Exploits0
hivepro
hivepro
added 2022/03/09 2:14 p.m.61 views

Microsoft addressed three zero-day vulnerabilities March 2022 Patch Tuesday Update

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Microsoft addressed 71 the following vulnerabilities in their March 2022 Patch Tuesday Update. This advisory briefs about six vulnerabilities out of which three of them have been rated critical in severity and three of them ar...

7.2CVSS1.3AI score0.40789EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2021/12/09 12:58 p.m.3 views

Mozilla: JavaScript unexpectedly enabled for the composition area

Thunderbird unexpectedly enabled JavaScript in the composition area. The JavaScript execution context was limited to this area and did not receive chrome-level privileges, but could be used as a stepping stone to further an attack with other vulnerabilities. This vulnerability affects Thunderbird...

6.5CVSS7.4AI score0.01267EPSS
Exploits0References4
OSV
OSV
added 2021/11/08 4:15 a.m.15 views

CVE-2021-42072

An issue was discovered in Barrier before 2.4.0. The barriers component aka the server-side implementation of Barrier does not sufficiently verify the identify of connecting clients. Clients can thus exploit weaknesses in the provided protocol to cause denial-of-service or stage further attacks...

8.8CVSS6.4AI score
Exploits0References4
CVE
CVE
added 2021/03/09 2:55 p.m.46 views

CVE-2021-20341

The CVE-2021-20341 issue affects IBM Cloud Pak for Multicloud Management Monitoring prior to version 2.2.6. It arises from returning potentially sensitive information in HTTP headers, which could enable subsequent attacks against the system. CVSS details in the sources indicate a medium severity ...

5.3CVSS4.9AI score0.01026EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/03/08 12:0 a.m.5 views

IBM Cloud Pak System 安全漏洞

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. The product supports deploying, managing and moving application environments across hybrid clouds. A security vulnerability exists in IBM Cloud Pak that stems from the return of...

5.3CVSS5.6AI score0.01026EPSS
Exploits0References3
Prion
Prion
added 2021/01/12 3:15 p.m.16 views

Information disclosure

IBM Workload Automation 9.5 stores sensitive information in HTML comments that could aid in further attacks against the system. IBM X-Force ID: 186286...

4CVSS4.1AI score0.00806EPSS
Exploits0References2Affected Software1
Hacker One
Hacker One
added 2020/07/10 3:54 a.m.17 views

U.S. Dept Of Defense: SharePoint Web Services Exposed to Anonymous Access

The SharePoint configuration for this particular site allows any user to access the spdisco.aspx on the web server which discloses the location of of all SharePoint's web service endpoints. The URLs are: ██████████ ███ Impact An adversary may utilize the exposed information about the web services...

3.1AI score
Exploits0
FreeBSD
FreeBSD
added 2020/04/20 12:0 a.m.17 views

py-markdown2 -- XSS vulnerability

TheGrandPew reports: python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...

6.1CVSS6.4AI score0.01868EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.32 views

Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2017-1260)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.1AI score0.02585EPSS
Exploits7References2
Rows per page
Query Builder