12 matches found

Positive Technologies
added 2024/08/05 12:0 a.m. · 5 views

PT-2024-37395 · Hamastar · Hamastar Meetinghub Paperless Meetings

Name of the Vulnerable Software and Affected Versions: Hamastar MeetingHub Paperless Meetings version 2021. Description: A Plaintext Storage of a Password issue in the ebooknote function allows remote attackers to obtain other users' credentials and gain access to the product via an XML file...

CVSS 9.3 · AI score 7.5 · EPSS 0.00484
Exploits: 0 · References: 5

Exploit DB
added 2024/02/26 12:0 a.m. · 491 views

IBM i Access Client Solutions v1.1.2 - 1.1.4, v1.1.4.3 - 1.1.9.4 - Remote Credential Theft

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/IBMIACCESSCLIENTREMOTECREDENTIALTHEFTCVE-2024-22318.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.ibm.com Product IBM i Access Client Solutions Versions All...

CVSS 5.5 · AI score 5.5 · EPSS 0.00573
Exploits: 3

0day.today
added 2024/02/12 12:0 a.m. · 388 views

IBM i Access Client Solutions Remote Credential Theft Vulnerability

IBM i Access Client Solutions (ACS) versions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 suffer from a remote credential theft vulnerability. + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

CVSS 5.5 · AI score 5.5 · EPSS 0.00573
Exploits: 3

Packet Storm
added 2024/02/09 12:0 a.m. · 354 views

IBM i Access Client Solutions Remote Credential Theft

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/IBMIACCESSCLIENTREMOTECREDENTIALTHEFTCVE-2024-22318.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.ibm.com Product IBM i Access Client Solutions Versions All...

CVSS 5.5 · AI score 7.4 · EPSS 0.00573
Exploits: 3

IBM Security Bulletins
added 2024/02/08 5:45 p.m. · 32 views

Security Bulletin: IBM i Access Client Solutions is vulnerable to remote credential theft when NTLM is enabled on Windows workstations

Summary: IBM i Access Client Solutions (ACS) is vulnerable to remote credential theft when NT LAN Manager (NTLM) is enabled on Windows workstations (CVE-2024-22318). Since IBM i Access Client solutions allows Universal Naming Convention (UNC) paths in its configuration files, if a path is modified to poin...

CVSS 5.5 · AI score 5.1 · EPSS 0.00573
Exploits: 3 · Affected Software: 1

Positive Technologies
added 2023/06/13 12:0 a.m. · 5 views

PT-2023-21053 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager (DSM) versions prior to 7.2-64561. Description: The issue concerns the use of insufficiently random values in the User Management Functionality, allowing remote attackers to obtain user credentials via unspecified...

CVSS 7.5 · AI score 7.2 · EPSS 0.00875
Exploits: 0 · References: 8

OSV
added 2021/06/01 2:15 p.m. · 4 views

CVE-2019-4724

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain credentials from a user's browser via incorrect autocomplete settings in New Content Backup page. IBM X-Force ID: 172130...

CVSS 7.5 · AI score 7.3
Exploits: 0 · References: 3

OSV
added 2021/03/17 9:15 a.m. · 2 views

CVE-2021-22860

EIC e-document system does not perform completed identity verification for sorting and filtering personnel data. The vulnerability allows remote attacker to obtain users’ credential information without logging in the system, and further acquire the privileged permissions and execute arbitrary...

CVSS 9.8 · AI score 7.5
Exploits: 0 · References: 3

The Hacker News
added 2020/05/05 4:57 p.m. · 33 views

Download: 'Coronavirus Cyber Security for Management' Template for CISOs

The Coronavirus crisis introduces critical operational challenges to business continuity, placing high stress on organizations' management. As a result, CIOs and CISOs face a double challenge on the cyber risk front – apart from the new risks that the mass transfer of employees working remotely...

AI score 0.2
Exploits: 0

OSV
added 2020/01/22 7:15 p.m. · 3 views

CVE-2019-19843

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wpstoolcache...

CVSS 9.8 · AI score 5.8 · EPSS 0.0182
Exploits: 1 · References: 3

Positive Technologies
added 2018/12/24 12:0 a.m. · 6 views

PT-2018-18717 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager (DSM) versions prior to 6.1.6-15266. Description: The issue allows remote attackers to steal credentials. Recommendations: For versions prior to 6.1.6-15266, update to version 6.1.6-15266 or later to resolve the issu...

CVSS 9.8 · AI score 7.3 · EPSS 0.01443
Exploits: 0 · References: 3

NVD
added 2007/04/19 10:19 a.m. · 15 views

CVE-2007-2149

Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier stores usernames and unencrypted passwords in (1) classes/vars.php and (2) classes/varstuff.php, and recommends 0666 or 0777 permissions for these files, which allows local users to gain privileges by reading the files, and allows remote attacker...

CVSS 10 · AI score 6.7 · EPSS 0.03088
Exploits: 0 · References: 4