Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-17328

Malware in sbrugna...

4.9CVSS4.8AI score0.00622EPSS
Exploits1References3
CNVD
CNVD
added 2018/11/29 12:0 a.m.5 views

Rapid7 Komand Information Disclosure Vulnerability

Rapid7 Komand is a suite of IT security automation solutions from Rapid7 USA. The product features task automation, malware identification, vulnerability patching and email threat identification. A security vulnerability exists in Rapid7 Komand 0.41.0 and prior versions. An attacker could exploit...

4.9CVSS4.9AI score0.00622EPSS
Exploits1References1
NVD
NVD
added 2018/11/28 7:29 p.m.22 views

CVE-2018-5559

In Rapid7 Komand version 0.41.0 and prior, certain endpoints that are able to list the always encrypted-at-rest connection data could return some configurations of connection data without obscuring sensitive data from the API response sent over an encrypted channel. This issue does not affect...

4.9CVSS4.2AI score0.00622EPSS
Exploits1References2
OSV
OSV
added 2018/11/28 7:29 p.m.8 views

CVE-2018-5559

In Rapid7 Komand version 0.41.0 and prior, certain endpoints that are able to list the always encrypted-at-rest connection data could return some configurations of connection data without obscuring sensitive data from the API response sent over an encrypted channel. This issue does not affect...

4.9CVSS5.8AI score0.00622EPSS
Exploits1References2
CVE
CVE
added 2018/11/28 7:0 p.m.71 views

CVE-2018-5559

Affected software: Rapid7 Komand prior to 0.42.0. Vulnerability: information disclosure via endpoints that list always encrypted-at-rest connection data, potentially returning un-obscured sensitive data in the API response sent over an encrypted channel. Root cause (as stated): endpoints could ex...

4.9CVSS5.1AI score0.00622EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2018/11/28 7:0 p.m.23 views

CVE-2018-5559

In Rapid7 Komand version 0.41.0 and prior, certain endpoints that are able to list the always encrypted-at-rest connection data could return some configurations of connection data without obscuring sensitive data from the API response sent over an encrypted channel. This issue does not affect...

3.4CVSS5.1AI score0.00622EPSS
Exploits1References2
Rows per page
Query Builder