Lucene search
K

73 matches found

NVD
NVD
added 2024/06/11 12:15 p.m.20 views

CVE-2024-35211

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V1.2. The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes such as “Secure”, “HttpOnly”, or “SameSite”...

6.8CVSS0.00216EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/11 11:15 a.m.10 views

CVE-2024-35211

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V1.2. The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes such as “Secure”, “HttpOnly”, or “SameSite”...

6.8CVSS5.4AI score0.00216EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/11 11:15 a.m.19 views

CVE-2024-35211

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V1.2. The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes such as “Secure”, “HttpOnly”, or “SameSite”...

6.8CVSS0.00216EPSS
Exploits0References1
CVE
CVE
added 2024/06/11 11:15 a.m.57 views

CVE-2024-35211

The CVE-2024-35211 issue affects Siemens SINEC Traffic Analyzer (6GK8822-1BG01-0BA0), all versions prior to V1.2. The underlying flaw is that the web server sets session cookies after login without security attributes (no Secure, HttpOnly, or SameSite), exposing potentially sensitive session data...

6.8CVSS6.9AI score0.00216EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/06/11 12:0 a.m.6 views

Siemens SINEC Traffic Analyzer 安全漏洞

SINEC Traffic Analyzer is an on-premise application that monitors PNIO PROFINET IO communication between controllers and IO devices. The software detects PROFINET communication problems and reports them to the user via Web-UI. A logic flaw vulnerability exists in Siemens SINEC Traffic Analyzer,...

6.8CVSS6.6AI score0.00216EPSS
Exploits0References3
CNVD
CNVD
added 2024/05/09 12:0 a.m.3 views

IBM Cognos Controller Information Disclosure Vulnerability (CNVD-2024-23286)

IBM Cognos Controller is a suite of business intelligence and planning solutions from International Business Machines IBM. The product features process automation, financial audit control, and the creation and management of financial reports. An information disclosure vulnerability exists in IBM...

4.3CVSS6.1AI score0.00366EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/10/09 12:0 a.m.35 views

Fedora 38 : fwupd (2023-48c43df788)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-48c43df788 advisory. This release adds the following features: Add a launchd agent for macOS Add a new security attribute for BIOS capsule updates to be enabled Add functionality...

5.5AI score
Exploits0References1
CNNVD
CNNVD
added 2023/06/08 12:0 a.m.3 views

IBM CICS TX Standard and Advanced 安全漏洞

IBM CICS TX Standard and Advanced is a comprehensive, single transaction runtime package from International Business Machines IBM, Inc. It can provide a cloud-native deployment model for standalone applications. A security vulnerability exists in IBM TXSeries for Multiplatforms, IBM CICS TX...

3.7CVSS5AI score0.00628EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/12/30 12:0 a.m.5 views

Macaron csrf 安全漏洞

Macaron csrf is a Macaron open source middleware for generating and verifying csrf tokens for Macaron. Macaron csrf has a security vulnerability that stems from a misuse of the parameter Generate that results in a sensitive cookie without security attributes...

7.5CVSS5.5AI score0.00515EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/09/13 12:0 a.m.3 views

IBM Control Desk 安全漏洞

IBM Control Desk is an application from International Business Machines IBM. Automated service management and seamlessly integrated, best-practice based service desk functionality. A security vulnerability exists in IBM Control Desk version 7.6.1, which stems from the fact that it does not set...

4.3CVSS5.1AI score0.00545EPSS
Exploits0References3
CNVD
CNVD
added 2022/08/04 12:0 a.m.34 views

IBM CICS TX Advanced Access Control Error Vulnerability

IBM CICS TX Advanced is a comprehensive, single transaction runtime package from IBM USA. It can provide a cloud-native deployment model for standalone applications. An Access Control Error vulnerability exists in IBM CICS TX Advanced version 11.1, which stems from a failure to set a security...

4.3CVSS4.4AI score0.00459EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/05/20 1:15 p.m.4 views

CVE-2022-24045

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The application, after a successful login, sets the session cookie on the browser...

6.5CVSS5.5AI score0.00573EPSS
Exploits0References2
CNVD
CNVD
added 2022/01/07 12:0 a.m.42 views

Apache Geode Injection Vulnerability

Apache Geode is an Apache Foundation management platform for providing real-time and consistent access to data for data-intensive applications in distributed cloud architectures. security attributes prefixed with "sysprop-", "javax.net.ssl", or "security-" are vulnerable to logging of sensitive...

7.5CVSS2.6AI score0.02894EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/04 12:0 a.m.5 views

Apache Geode 日志信息泄露漏洞

Apache Geode is an Apache Foundation management platform for providing real-time and consistent access to data for data-intensive applications in distributed cloud architectures. security attributes prefixed with "sysprop-", "javax.net.ssl", or "security-" are vulnerable to logging of sensitive...

7.5CVSS5.5AI score0.02894EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/11/12 12:0 a.m.4 views

IBM Tivoli Key Lifecycle Manager 安全漏洞

IBM Tivoli Key Lifecycle Manager TKLM is a set of key lifecycle management software from IBM Corporation. The software provides key storage, key maintenance, and key lifecycle management for storage devices.A security vulnerability exists in IBM Tivoli Key Lifecycle Manager, which stems from the...

4.3CVSS5.6AI score0.00515EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/10/20 12:0 a.m.6 views

IBM Standards Processing 安全漏洞

Ibm Standards Processing Engine Ibm Transformation Extender Advanced is a document conversion software from the American company Ibm. Used to automatically convert and validate large amounts of data. A security vulnerability exists in IBM Standards Processing that stems from the engine not settin...

4.3CVSS5.6AI score0.00521EPSS
Exploits0References4
CNVD
CNVD
added 2021/01/22 12:0 a.m.9 views

IBM Security Identity Governance and Intelligence Information Disclosure Vulnerability

IBM Security Identity Governance and Intelligence is an integrated identity management solution based on network devices. An information disclosure vulnerability exists in IBM Security Identity Governance and Intelligence 5.2.6. The vulnerability stems from the product not setting security...

4.3CVSS6.2AI score0.01428EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/13 12:0 a.m.7 views

IBM Security Guardium Insights 授权问题漏洞

IBM Security Guardium Insights is a modern hybrid cloud data security hub designed to provide a reliable view of an organization's data security and compliance posture. An information disclosure vulnerability exists in IBM Security Guardium Insights 2.0.2. The vulnerability stems from the product...

4.3CVSS5.9AI score0.00623EPSS
Exploits0References4
CNVD
CNVD
added 2020/11/17 12:0 a.m.2 views

IBM Sterling File Gateway Information Disclosure Vulnerability (CNVD-2020-63969)

IBM Sterling File Gateway is an application for transferring files between internal and external partners, allowing you to transfer files more securely and reliably with trading partners. An information disclosure vulnerability exists in IBM Sterling File Gateway 6.0.0.0 - 6.0.3.2, 2.2.0.0 -...

4.3CVSS6.2AI score0.00989EPSS
Exploits0References1
Prion
Prion
added 2020/11/12 6:15 p.m.17 views

Design/Logic Flaw

Several services are accessing named pipes in Ivanti Endpoint Manager through 2020.1.1 with default or overly permissive security attributes; as these services run as user ‘NT AUTHORITY\SYSTEM’, the issue can be used to escalate privileges from a local standard or service account having...

7.2CVSS7.6AI score0.0046EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder