Lucene search
K

1326 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:46 p.m.18 views

Security Bulletin: Vulnerabilities in IBM WebSphere Application Server affect IBM Spectrum Protect for Workstations (formerly Tivoli Storage Manger FastBack for Workstations) Central Administration Console (CVE-2017-1380, CVE-2017-1381)

Summary Vulnerabilities in IBM WebSphere Application Server affect IBM Spectrum Protect for Workstations formerly Tivoli Storage Manager FastBack for Workstations Central Administration Console can allow users to embed arbitrary JavaScript code in the Web UI or allow a local attacker to obtain...

5.4CVSS0.9AI score0.01049EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:8 a.m.37 views

Security Bulletin: Multiple security vulnerabilities affect IBM WebSphere Application Server for Bluemix

Summary WebSphere Application Server may have insecure file permissions after custom startup scripts are run. The custom startup script will not pull the umask from the server.xml. This may cause some log files to have different permissions then expected. There is an information disclosure in the...

9.8CVSS0.5AI score0.57472EPSS
Exploits5Affected Software1
Openbugbounty
Openbugbounty
added 2018/06/14 12:7 a.m.9 views

proxy.lib.berkeley.edu Improper Access Control vulnerability

Open Bug Bounty ID: OBB-631748 Description| Value ---|--- Affected Website:| proxy.lib.berkeley.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...

Exploits0
NVD
NVD
added 2018/06/05 9:29 p.m.12 views

CVE-2017-7636

Cross-site scripting XSS vulnerability in QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to inject arbitrary web script or HTML...

6.1CVSS6.1AI score0.01186EPSS
Exploits0References2
NVD
NVD
added 2018/06/05 9:29 p.m.14 views

CVE-2017-7635

QNAP NAS application Proxy Server through version 1.2.0 does not utilize CSRF protections...

8.8CVSS8.8AI score0.00593EPSS
Exploits0References2
OSV
OSV
added 2018/06/05 9:29 p.m.4 views

CVE-2017-7635

QNAP NAS application Proxy Server through version 1.2.0 does not utilize CSRF protections...

8.8CVSS5.8AI score0.00593EPSS
Exploits0References2
Prion
Prion
added 2018/06/05 9:29 p.m.17 views

Cross site request forgery (csrf)

QNAP NAS application Proxy Server through version 1.2.0 does not utilize CSRF protections...

6.8CVSS8.7AI score0.00593EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/06/05 9:29 p.m.4 views

CVE-2017-7636

Cross-site scripting XSS vulnerability in QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to inject arbitrary web script or HTML...

6.1CVSS5.9AI score0.01186EPSS
Exploits0References2
NVD
NVD
added 2018/06/05 9:29 p.m.11 views

CVE-2017-7637

QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to run arbitrary OS commands against the system with root privileges...

10CVSS9.6AI score0.03158EPSS
Exploits0References2
Prion
Prion
added 2018/06/05 9:29 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to inject arbitrary web script or HTML...

4.3CVSS6.1AI score0.01186EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/06/05 9:29 p.m.3 views

CVE-2017-7639

QNAP NAS application Proxy Server through version 1.2.0 does not authenticate requests properly. Successful exploitation can lead to change of the settings of Proxy Server...

5.3CVSS5.8AI score0.01104EPSS
Exploits0References2
NVD
NVD
added 2018/06/05 9:29 p.m.14 views

CVE-2017-7639

QNAP NAS application Proxy Server through version 1.2.0 does not authenticate requests properly. Successful exploitation can lead to change of the settings of Proxy Server...

5.3CVSS5.3AI score0.01104EPSS
Exploits0References2
Prion
Prion
added 2018/06/05 9:29 p.m.11 views

Code injection

QNAP NAS application Proxy Server through version 1.2.0 does not authenticate requests properly. Successful exploitation can lead to change of the settings of Proxy Server...

5CVSS5.3AI score0.01104EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/06/05 9:29 p.m.13 views

Design/Logic Flaw

QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to run arbitrary OS commands against the system with root privileges...

10CVSS9.5AI score0.03158EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/06/05 9:0 p.m.23 views

CVE-2017-7635

QNAP NAS application Proxy Server through version 1.2.0 does not utilize CSRF protections...

8.8AI score0.00593EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/06/05 9:0 p.m.18 views

CVE-2017-7636

Cross-site scripting XSS vulnerability in QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to inject arbitrary web script or HTML...

6.1AI score0.01186EPSS
Exploits0References2
CVE
CVE
added 2018/06/05 9:0 p.m.46 views

CVE-2017-7636

CVE-2017-7636 is a cross‑site scripting (XSS) vulnerability in the QNAP NAS Proxy Server up to version 1.2.0. The issue enables remote attackers to inject arbitrary web script or HTML into pages served by the Proxy Server. The vulnerability is exploitable remotely over the network, with user inte...

6.1CVSS6AI score0.01186EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/06/05 9:0 p.m.15 views

CVE-2017-7637

QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to run arbitrary OS commands against the system with root privileges...

9.7AI score0.03158EPSS
Exploits0References2
CVE
CVE
added 2018/06/05 9:0 p.m.43 views

CVE-2017-7637

CVE-2017-7637 affects QNAP NAS Proxy Server up to version 1.2.0. The vulnerability permits remote attackers to execute arbitrary OS commands with root privileges on affected systems. The records describe the vulnerable component as the Proxy Server and indicate a remote-command execution impact; ...

10CVSS9.5AI score0.03158EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/06/05 9:0 p.m.49 views

CVE-2017-7635

The CVE-2017-7635 entry concerns QNAP NAS Proxy Server (versions up to 1.2.0) that does not utilize CSRF protections. This lack enables CSRF-style abuse against affected installations, potentially allowing unauthorized state-changing actions initiated by an authenticated user’s session. The provi...

8.8CVSS8.7AI score0.00593EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder