Lucene search
+L

38 matches found

nvd
nvd
added 2025/01/08 1:15 a.m.17 views

CVE-2024-40679

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5 is vulnerable to an information disclosure vulnerability as sensitive information may be included in a log file under specific conditions...

5.5CVSS0.00159EPSS
Exploits0References1
ibm
ibm
added 2024/04/06 12:29 a.m.39 views

Security Bulletin: Vulnerabilities have been identified with the DS8900F Hardware Management Console (HMC)

Summary The updates indicated below have been released to address the following vulnerabilities: CVE-2023-46169 Arbitrary file deletion, CVE-2023-46171 view sensitive log information, CVE-2023-46172 Bypass authentication restrictions for authorized user, CVE-2023-46170 Arbitrary file read ,...

9.8CVSS8.6AI score0.01931EPSS
Exploits0Affected Software4
nvd
nvd
added 2024/03/07 9:15 p.m.24 views

CVE-2023-46171

IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to view sensitive log information after enumerating filenames. IBM X-Force ID: 269408...

4.3CVSS4.7AI score0.00364EPSS
Exploits0References2
cve
cve
added 2024/03/07 8:26 p.m.71 views

CVE-2023-46171

CVE-2023-46171 affects IBM DS8900F HMC. An authenticated user could view sensitive log information after enumerating filenames. Affected product scope includes DS8900F HMC firmware/microcode versions in R9.2 and R9.3 lines (e.g., 89.22.19.0; 89.30.68.0; 89.32.40.0; 89.33.48.0; 89.21.x series). Ro...

4.3CVSS4.2AI score0.00364EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2023/10/25 6:17 p.m.12 views

CVE-2023-27256

Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of sensitive log files by unauthenticated attackers...

5.8CVSS5.8AI score0.00559EPSS
Exploits0References1
prion
prion
added 2023/10/25 6:17 p.m.11 views

Authentication flaw

Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of sensitive log files by unauthenticated attackers...

5CVSS5.5AI score0.00559EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2023/10/25 10:13 a.m.14 views

CVE-2023-27256 Missing Authentication In IDAttend’s IDWeb Application

Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of sensitive log files by unauthenticated attackers...

5.8CVSS5.6AI score0.00559EPSS
Exploits0References1
osv
osv
added 2023/07/20 1:15 p.m.3 views

CVE-2023-32455

Dell Wyse ThinOS versions prior to 2208 9.3.2102 contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References1
osv
osv
added 2020/10/06 4:15 p.m.4 views

CVE-2020-4528

IBM MQ Appliance IBM DataPower Gateway 10.0.0.0 and 2018.4.1.0 through 2018.4.1.12 could allow a local user, under special conditions, to obtain highly sensitive information from log files. IBM X-Force ID: 182658...

5.5CVSS5.8AI score0.00286EPSS
Exploits0References2
osv
osv
added 2020/08/17 6:15 p.m.5 views

CVE-2020-3447

A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance ESA and Cisco AsyncOS for Cisco Content Security Management Appliance SMA could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to excessive...

6.5CVSS6.7AI score0.00738EPSS
Exploits0References1
cnvd
cnvd
added 2018/07/12 12:0 a.m.7 views

Cisco DNA Center Information Disclosure Vulnerability

Cisco Digital Network Architecture Center DNA Center is a set of digital network architecture solutions from the U.S. company Cisco Cisco. The program can extend and protect devices, applications, etc. within the network. An information disclosure vulnerability exists in Cisco DNA Center. The...

7.8CVSS7.1AI score0.00333EPSS
Exploits0References1
osv
osv
added 2017/08/17 8:29 p.m.4 views

CVE-2017-6786

A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affected system. The vulnerability is due to improper protection of sensitive log files. An attacker...

6.3CVSS5.8AI score0.00299EPSS
Exploits0References2
nvd
nvd
added 2015/10/28 10:59 a.m.18 views

CVE-2015-5713

Spotfire Parsing Library and Spotfire Security Filter in TIBCO Spotfire Server 5.5.x before 5.5.4, 6.0.x before 6.0.5, 6.5.x before 6.5.4, and 7.0.x before 7.0.1 and Spotfire Analytics Platform before 7.0.2 for AWS Marketplace allow remote attackers to obtain sensitive log information by visiting...

5CVSS6.3AI score0.02133EPSS
Exploits0References3
prion
prion
added 2015/10/28 10:59 a.m.15 views

Code injection

Spotfire Parsing Library and Spotfire Security Filter in TIBCO Spotfire Server 5.5.x before 5.5.4, 6.0.x before 6.0.5, 6.5.x before 6.5.4, and 7.0.x before 7.0.1 and Spotfire Analytics Platform before 7.0.2 for AWS Marketplace allow remote attackers to obtain sensitive log information by visiting...

5CVSS6.9AI score0.02133EPSS
Exploits0References3Affected Software2
cvelist
cvelist
added 2015/10/28 10:0 a.m.20 views

CVE-2015-5713

Spotfire Parsing Library and Spotfire Security Filter in TIBCO Spotfire Server 5.5.x before 5.5.4, 6.0.x before 6.0.5, 6.5.x before 6.5.4, and 7.0.x before 7.0.1 and Spotfire Analytics Platform before 7.0.2 for AWS Marketplace allow remote attackers to obtain sensitive log information by visiting...

6.3AI score0.02133EPSS
Exploits0References3
prion
prion
added 2006/04/25 1:2 a.m.18 views

Improper access control

Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct requests...

5CVSS6.9AI score0.02402EPSS
Exploits1References11Affected Software1
nessus
nessus
added 2005/05/05 12:0 a.m.26 views

NetWin DMail Server Multiple Remote Vulnerabilities

The installation of NetWin DMail on the remote host suffers from an authentication bypass vulnerability in its mailing list server component, DList, and a format string vulnerability in the SMTP server component, DSmtp. An attacker can exploit the first to reveal potentially sensitive log...

7.5CVSS6.3AI score0.04837EPSS
Exploits1References2
exploitpack
exploitpack
added 2003/01/15 12:0 a.m.24 views

Trend Micro Virus Control System 1.8 - Information Disclosure

Trend Micro Virus Control System 1.8 - Information Disclosure source: https://www.securityfocus.com/bid/6618/info An information disclosure vulnerability has been reported for TVCS. Reportedly, it is possible for an attacker to access the log files generated by TVCS. The log files contain very...

7.2AI score
Exploits0
Rows per page
Query Builder