Lucene search
K

118 matches found

CNVD
CNVD
added 2019/12/11 12:0 a.m.2 views

SAP Portfolio and Project Management Information Disclosure Vulnerability

SAP Portfolio and Project Management PPM is a suite of asset portfolio and project management software from SAP. The software supports the management of the entire project lifecycle, identifying project exceptions and risks, and reporting on project performance based on real-time data. An...

6.5CVSS6.1AI score0.00882EPSS
Exploits0References1
CNVD
CNVD
added 2019/11/07 12:0 a.m.4 views

GitLab has an unspecified vulnerability (CNVD-2019-42897)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab Enterprise and...

5.3CVSS6.6AI score0.0088EPSS
Exploits0References1
OSV
OSV
added 2019/10/01 4:15 p.m.2 views

CVE-2019-14957

The JetBrains Vim plugin before version 0.52 was storing individual project data in the global vimsettings.xml file. This xml file could be synchronized to a publicly accessible GitHub repository...

5.3CVSS6.2AI score0.0108EPSS
Exploits0References1
NVD
NVD
added 2019/10/01 4:15 p.m.15 views

CVE-2019-14957

The JetBrains Vim plugin before version 0.52 was storing individual project data in the global vimsettings.xml file. This xml file could be synchronized to a publicly accessible GitHub repository...

5.3CVSS6.2AI score0.0108EPSS
Exploits0References1
Prion
Prion
added 2019/10/01 4:15 p.m.18 views

Design/Logic Flaw

The JetBrains Vim plugin before version 0.52 was storing individual project data in the global vimsettings.xml file. This xml file could be synchronized to a publicly accessible GitHub repository...

5CVSS5.2AI score0.0108EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/10/01 3:39 p.m.18 views

CVE-2019-14957

The JetBrains Vim plugin before version 0.52 was storing individual project data in the global vimsettings.xml file. This xml file could be synchronized to a publicly accessible GitHub repository...

6.2AI score0.0108EPSS
Exploits0References1
CNVD
CNVD
added 2019/09/10 12:0 a.m.2 views

GitLab CE/EE Information Disclosure Vulnerability (CNVD-2019-32228)

GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects.GitLab EE is the GitLab Enterprise Edition and GitLab CE is the GitLab Community Edition. GitLab CE/...

7.5CVSS6.3AI score0.0178EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2019/09/10 12:0 a.m.37 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Project Template Functionality Could Be Used to Access Restricted Project Data Security Enhancements in GitLab Pages...

7.1CVSS1.6AI score0.00956EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/06/14 12:0 a.m.4 views

The vulnerability of Siemens LOGO!8 BM programmable logic controller’s microprogramming software lies in the presence of pre-installed encryption keys, which allow attackers to decrypt the project data.

The vulnerability of Siemens LOGO!8 BM programmable logic controller’s microprogramming software is related to the presence of pre-installed encryption keys. Exploiting this vulnerability allows an attacker to decrypt project data using port 10005/TCP...

7.5CVSS5.5AI score0.01504EPSS
Exploits2References3
CNVD
CNVD
added 2019/05/22 12:0 a.m.2 views

GitLab Authorization Issues Vulnerability (CNVD-2019-43039)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An authorization issue vulnerability exists in GitLab. Th...

7.5CVSS7AI score0.01422EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2019/05/21 3:15 p.m.161 views

HCL Exposes Customer, Personnel Info in Wide-Ranging Data Leak

IT services provider HCL Technologies has inadvertently exposed passwords, sensitive project reports and other private data of thousands of customers and internal employees on various public HCL subdomains. HCL, an $8 billion conglomerate with more than 100,000 employees, specializes in...

7AI score
Exploits0References8
Prion
Prion
added 2019/05/14 8:29 p.m.16 views

Hardcoded credentials

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Project data stored on the device, which is accessible via port 10005/tcp, can be decrypted due to a hardcoded encryption key. The security vulnerability could be exploited by an unauthenticated attacker wi...

5CVSS7.4AI score0.01504EPSS
Exploits2References5Affected Software1
Hacker One
Hacker One
added 2018/11/18 3:13 a.m.27 views

GitLab: Exfiltrate and mutate repository and project data through injected templated service

The GitLab import feature contains a vulnerability that allows an attacker to import a project that creates a service template. Service templates can normally only be created by a GitLab instance Administrator. When a new project is created, service templates are automatically initialized for the...

0.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2017/09/28 12:0 a.m.7 views

The software of the remote monitoring system Advantech WebAccess is vulnerable due to insufficient protection of the SQL query structure during authentication. This vulnerability allows attackers to execute arbitrary SQL commands and modify web server settings, user accounts, and projects.

The vulnerability of Advantech WebAccess remote monitoring software exists due to insufficient protection of the SQL query structure during authentication injection of SQL code. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands and modify web server settings...

6.5CVSS8AI score0.01689EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2017/04/17 3:59 p.m.3 views

CVE-2016-4867

Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to bypass access restriction to view unauthorized project information via the Project function...

4.3CVSS5.8AI score0.01366EPSS
Exploits0References4
CNVD
CNVD
added 2016/11/21 12:0 a.m.4 views

SIEMENS SIMATIC CP 1543-1 Device Privilege Elevation Vulnerability

The SIEMENS SIMATIC CP 1543-1 is a communication processor with integrated firewall, VPN, security protocols, data encryption, and other security features that provides network connectivity and secure communication for s7-1500 controllers. An elevation of privilege vulnerability exists in the...

6.6CVSS7.5AI score0.01585EPSS
Exploits0References1
OSV
OSV
added 2016/08/05 3:59 p.m.4 views

CVE-2016-5392

The API server in Kubernetes, as used in Red Hat OpenShift Enterprise 3.2, in a multi tenant environment allows remote authenticated users with knowledge of other project names to obtain sensitive project and user information via vectors related to the watch-cache list...

6.5CVSS5.8AI score0.02464EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2015/05/13 12:0 a.m.23 views

PHPCollab 2.5 - 'deletetopics.php' SQL Injection

Exploit Title: PHPCollab 2.5 - SQL Injection Google Dork: filetype:php inurl:"/general/login.php?PHPSESSID=" Date: 13/05/2015 Exploit Author: Wad Deek Vendor Homepage: http://www.phpcollab.com/ Software Link: http://sourceforge.net/projects/phpcollab/files/final/2.5/ Version: 2.5 +2.5...

7.4AI score
Exploits0
Rows per page
Query Builder