Lucene search
K

181 matches found

Cvelist
Cvelist
added 2017/08/30 9:0 p.m.21 views

CVE-2017-1442

IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 128107...

8.4AI score0.00668EPSS
Exploits0References3
CVE
CVE
added 2017/08/30 9:0 p.m.49 views

CVE-2017-1442

CVE-2017-1442 affects IBM Emptoris Services Procurement 10.x, specifically 10.0.0.5, where a cross-site request forgery vulnerability could allow an attacker to perform malicious, unauthorized actions on behalf of a trusted user. The IBM Security Bulletin confirms this CSRF issue and lists the fi...

8.8CVSS8.4AI score0.00668EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/08/30 9:0 p.m.45 views

CVE-2017-1443

IBM Emptoris Services Procurement 10.x is affected by CVE-2017-1443, a cross-site scripting vulnerability in the Web UI that could allow an attacker to embed arbitrary JavaScript and potentially disclose credentials within a trusted session. The IBM security bulletin lists 10.0.0.5 as affected an...

6.1CVSS6AI score0.00977EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2017/07/24 12:0 a.m.6 views

IBM Emptoris Services Procurement Local Information Disclosure Vulnerability

IBM Emptoris Services Procurement is a procurement management system from IBM USA. The system controls and manages the procurement lifecycle for third-party service categories. A security vulnerability exists in IBM Emptoris Services Procurement that stems from a failure of proper access control....

5.5CVSS6.3AI score0.00329EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/14 12:0 a.m.4 views

IBM Emptoris Services Procurement Cross-Site Request Forgery Vulnerability

IBM Emptoris Services Procurement is a procurement management system from IBM USA. The system controls and manages the procurement lifecycle for third-party service categories. A cross-site request forgery vulnerability exists in IBM Emptoris Services Procurement version 10.x. A remote attacker...

8.8CVSS8.8AI score0.00668EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/14 12:0 a.m.5 views

IBM Emptoris Services Procurement Cross-Site Scripting Vulnerability

IBM Emptoris Services Procurement is a procurement management system from IBM USA. The system controls and manages the procurement lifecycle for third-party service categories. A cross-site scripting vulnerability exists in IBM Emptoris Services Procurement version 10.x. A remote attacker can...

6.1CVSS6.5AI score0.00977EPSS
Exploits0References1
Cisco Threats
Cisco Threats
added 2017/06/19 1:52 p.m.10 views

Threat Outbreak Alert RuleID29512: Email Messages Distributing Malicious Software on June 19, 2017

Medium Alert ID: 54229 First Published: 2017 June 19 13:52 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29512 may contain the following files: Name | Siz...

0.4AI score
Exploits0
CNVD
CNVD
added 2017/05/24 12:0 a.m.5 views

Oracle PeopleSoft Enterprise SCM Service Procurement Remote Vulnerability

Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle Corporation, of which PeopleSoft Enterprise SCM is a supply chain management component. A remote security vulnerability exists in Oracle PeopleSoft Enterprise SCM Service Procurement. An attacker...

6.5CVSS6.8AI score0.01718EPSS
Exploits0References1
rapid7community
rapid7community
added 2017/05/12 9:23 p.m.39 views

White House Cybersecurity Executive Order Summary

Yesterday President Trump issued an Executive Order on cybersecurity: "Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure." The Executive Order EO appears broadly positive and well thought out, though it is just the beginning of a long process and not a sea change in...

6.7AI score
Exploits0
OSV
OSV
added 2017/04/24 7:59 p.m.4 views

CVE-2017-3525

Vulnerability in the PeopleSoft Enterprise SCM Service Procurement component of Oracle PeopleSoft Products subcomponent: Usability. The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSo...

6.5CVSS5.8AI score0.01718EPSS
Exploits0References3
NVD
NVD
added 2017/04/24 7:59 p.m.18 views

CVE-2017-3525

Vulnerability in the PeopleSoft Enterprise SCM Service Procurement component of Oracle PeopleSoft Products subcomponent: Usability. The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSo...

6.5CVSS5.8AI score0.01718EPSS
Exploits0References3
Prion
Prion
added 2017/04/24 7:59 p.m.11 views

Design/Logic Flaw

Vulnerability in the PeopleSoft Enterprise SCM Service Procurement component of Oracle PeopleSoft Products subcomponent: Usability. The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSo...

6.5CVSS5.8AI score0.01718EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2017/04/24 7:0 p.m.5 views

CVE-2017-3525

Vulnerability in the PeopleSoft Enterprise SCM Service Procurement component of Oracle PeopleSoft Products subcomponent: Usability. The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSo...

6.3AI score0.01718EPSS
Exploits0References3
CVE
CVE
added 2017/04/24 7:0 p.m.43 views

CVE-2017-3525

CVE-2017-3525 affects Oracle PeopleSoft Enterprise SCM Service Procurement (subcomponent: Usability) version 9.2. The vulnerability arises in that component, with an attacker able to exploit over a network via HTTP by a high-privilege user to compromise data; impact includes unauthorized creation...

6.5CVSS6.3AI score0.01718EPSS
Exploits0References3Affected Software1
Cisco Threats
Cisco Threats
added 2017/04/11 4:11 p.m.16 views

Threat Outbreak Alert RuleID28709: Email Messages Distributing Malicious Software on April 11, 2017

Medium Alert ID: 53401 First Published: 2017 April 11 16:11 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID28709 may contain the following files: Name | Si...

0.7AI score
Exploits0
OSV
OSV
added 2016/10/25 2:31 p.m.4 views

CVE-2016-5600

Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...

5.4CVSS5.8AI score0.01158EPSS
Exploits0References3
Prion
Prion
added 2016/10/25 2:31 p.m.12 views

Design/Logic Flaw

Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...

5.5CVSS5.7AI score0.01158EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2016/10/25 2:0 p.m.7 views

CVE-2016-5600

Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...

5.7AI score0.01158EPSS
Exploits0References3
Cvelist
Cvelist
added 2016/10/25 2:0 p.m.20 views

CVE-2016-5600

Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...

4.5AI score0.01158EPSS
Exploits0References3
CVE
CVE
added 2016/10/25 2:0 p.m.42 views

CVE-2016-5600

Technical details about CVE-2016-5600 are not publicly provided in the supplied documents. No affected versions or vectors are specified here. Monitor for updates from official advisories and vendor CVE records.

5.5CVSS5.2AI score0.01158EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder