Lucene search
K

7 matches found

BDU FSTEC
BDU FSTEC
added 2025/02/26 12:0 a.m.5 views

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in the lack of authentication procedures. This allows attackers to bypass security restrictions and gain access to read and modify data.

The vulnerabilities of the software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller are related to deficiencies in the authentication process. Exploiting these vulnerabilities can allow an attacker to bypass security...

6.8CVSS5.6AI score0.00252EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/14 12:0 a.m.5 views

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in improper verification of certificates. This allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller is related to improper verification of certificates. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized...

8.5CVSS5.5AI score0.0025EPSS
Exploits0References3Affected Software2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/01/19 5:5 a.m.1 views

GROWI vulnerable to cross-site scripting

Overview GROWI provided by WESEEK, Inc. contains a cross-site scripting vulnerability CWE-79. Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary...

6.1CVSS6AI score0.01044EPSS
Exploits0References5
GoogleProjectZero
GoogleProjectZero
added 2018/08/02 12:0 a.m.29 views

Adventures in vulnerability reporting

Posted by Natalie Silvanovich, Project Zero At Project Zero, we spend a lot of time reporting security bugs to vendors. Most of the time, this is a fairly straightforward process, but we occasionally encounter challenges getting information about vulnerabilities into the hands of vendors. Since i...

10CVSS7.2AI score0.08747EPSS
Exploits2
ThreatPost
ThreatPost
added 2015/02/27 11:11 a.m.9 views

Twitter Changes Abuse Reporting Process to Address Doxing

Twitter has revised and simplified its rules and process for reporting abusive behavior on the service, and users now have the ability to report people who are posting their personal information. The change essentially gives Twitter users a method to combat doxing, which is the process of dumping...

6.9AI score
Exploits0References2
ThreatPost
ThreatPost
added 2013/10/03 12:25 p.m.10 views

Yahoo Revamps Bug Bounty Vulnerability Rewards Program

Yahoo has promised to put the finishing touches on a new vulnerability reporting and rewards policy by Halloween after finding itself in the throes of a mini scandal this week over two $12.50 Yahoo company store discount codes handed out to one researcher in thanks for turning in a pair of...

Exploits0References4
ThreatPost
ThreatPost
added 2010/03/25 2:24 p.m.7 views

Charlie Miller on Pwn2Own

Charlie Miller won his third consecutive Pwn2Own contest at the CanSecWest conference in Vancouver this week. In this video he talks about the contest, the state of Apple security and the bug-finding and reporting process...

1.7AI score
Exploits0
Rows per page
Query Builder