Lucene search
K

88 matches found

CNNVD
CNNVD
added 2024/05/14 12:0 a.m.2 views

Ant Media Server 安全漏洞

Ant Media Server is a real-time streaming engine software from Ant Media open source. It provides adaptive ultra-low latency streaming using WebRTC technology with a latency of approximately 0.5 seconds. A security vulnerability exists in Ant Media Server Community Edition prior to version 2.9.0...

5.4CVSS5.5AI score0.00479EPSS
Exploits0References5
NVD
NVD
added 2024/02/02 2:15 p.m.24 views

CVE-2023-47142

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. IBM X-Force ID: 270267...

8.8CVSS7.9AI score0.00305EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/02 1:22 p.m.14 views

CVE-2023-47142 IBM Tivoli Application Dependency Discovery Manager privilege escalation

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. IBM X-Force ID: 270267...

7.5CVSS6.4AI score0.00305EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/02 1:22 p.m.34 views

CVE-2023-47142 IBM Tivoli Application Dependency Discovery Manager privilege escalation

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. IBM X-Force ID: 270267...

7.5CVSS8.3AI score0.00305EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/02 12:0 a.m.3 views

IBM Tivoli Application Dependency Discovery Manager 权限许可和访问控制问题漏洞

IBM Tivoli Application Dependency Discovery Manager TADDM is a product in the suite of IT service management solutions from International Business Machines IBM. The product provides robust automated application mapping and discovery to help administrators understand the structure, state,...

8.8CVSS7AI score0.00305EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/22 7:2 p.m.40 views

Security Bulletin: IBM Tivoli Application Dependency Discovery Manager affected by multiple vulnerabilities.

Summary IBM Tivoli Application Dependency Discovery Manager is vulnerable to denial of service due to multiple vulnerabilities. Vulnerability Details CVEID:CVE-2023-47143 DESCRIPTION: IBM Tivoli Application Dependency Discovery Manager is vulnerable to HTTP header injection, caused by improper...

10CVSS7.2AI score0.00785EPSS
Exploits0Affected Software1
OSV
OSV
added 2023/09/25 1:15 p.m.4 views

CVE-2023-41301

Vulnerability of unauthorized API access in the PMS module. Successful exploitation of this vulnerability may cause features to perform abnormally...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/09/25 12:8 p.m.29 views

CVE-2023-41301

Vulnerability of unauthorized API access in the PMS module. Successful exploitation of this vulnerability may cause features to perform abnormally...

7.6AI score0.0035EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/09/25 12:8 p.m.14 views

CVE-2023-41301

Vulnerability of unauthorized API access in the PMS module. Successful exploitation of this vulnerability may cause features to perform abnormally...

6.8AI score0.0035EPSS
Exploits0References2
CVE
CVE
added 2023/09/25 12:8 p.m.2513 views

CVE-2023-41301

CVE-2023-41301 describes a vulnerability in the PMS module enabling unauthorized API access, with exploitation potentially causing features to behave abnormally. The NVD entry lists a CVSS v3.1 base score of 7.5 (HIGH), with network attack vector, no privileges required, no user interaction, and ...

7.5CVSS7.4AI score0.0035EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2023/09/25 12:0 a.m.4 views

PT-2023-27889 · Unknown · Pms Module

Name of the Vulnerable Software and Affected Versions: PMS module affected versions not specified Description: The issue concerns unauthorized API access in the PMS module, which may lead to abnormal feature performance upon successful exploitation. Recommendations: At the moment, there is no...

7.5CVSS6.8AI score0.0035EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/06/29 12:0 a.m.5 views

Ovarro TBox RTU 安全漏洞

Ovarro TBox RTUs is a modular remote monitoring and automation solution from Ovarro Germany. A security vulnerability exists in the Ovarro TBox RTUs that stems from a lack of authorization to run certain API commands, which could be exploited by an attacker to disclose sensitive information, such...

5.3CVSS5.6AI score0.00492EPSS
Exploits0References2
NVD
NVD
added 2023/04/11 5:15 p.m.38 views

CVE-2022-27487

A improper privilege management in Fortinet FortiSandbox version 4.2.0 through 4.2.2, 4.0.0 through 4.0.2 and before 3.2.3 and FortiDeceptor version 4.1.0, 4.0.0 through 4.0.2 and before 3.3.3 allows a remote authenticated attacker to perform unauthorized API calls via crafted HTTP or HTTPS...

8.8CVSS8.4AI score0.00975EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/11 4:6 p.m.16 views

CVE-2022-27487

A improper privilege management in Fortinet FortiSandbox version 4.2.0 through 4.2.2, 4.0.0 through 4.0.2 and before 3.2.3 and FortiDeceptor version 4.1.0, 4.0.0 through 4.0.2 and before 3.3.3 allows a remote authenticated attacker to perform unauthorized API calls via crafted HTTP or HTTPS...

8.8CVSS6.6AI score0.00975EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/04/11 4:6 p.m.38 views

CVE-2022-27487

A improper privilege management in Fortinet FortiSandbox version 4.2.0 through 4.2.2, 4.0.0 through 4.0.2 and before 3.2.3 and FortiDeceptor version 4.1.0, 4.0.0 through 4.0.2 and before 3.3.3 allows a remote authenticated attacker to perform unauthorized API calls via crafted HTTP or HTTPS...

8.8CVSS8.6AI score0.00975EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/01/14 12:0 a.m.5 views

KubeOperator 授权问题漏洞

KubeOperator is an open source, lightweight Kubernetes distribution focused on helping organizations plan, deploy, and operate production-grade K8s clusters. An authorization issue vulnerability exists in KubeOperator versions prior to 3.16.4, which stems from the API interacting with an...

9.8CVSS8.3AI score0.66768EPSS
Exploits0References4
GitLab Advisory Database
GitLab Advisory Database
added 2023/01/14 12:0 a.m.51 views

Missing Authorization

KubePi is a modern Kubernetes panel. The API interfaces with unauthorized entities and may leak sensitive information. This issue has been patched in version 1.6.4. There are currently no known workarounds...

7.5CVSS7.1AI score0.03573EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/06/24 3:15 p.m.5 views

CVE-2022-1517

LRM utilizes elevated privileges. An unauthenticated malicious actor can upload and execute code remotely at the operating system level, which can allow an attacker to change settings, configurations, software, or access sensitive data on the affected produc. An attacker could also exploit this...

9.8CVSS5.9AI score0.01633EPSS
Exploits0References1
NVD
NVD
added 2022/06/24 3:15 p.m.23 views

CVE-2022-1517

LRM utilizes elevated privileges. An unauthenticated malicious actor can upload and execute code remotely at the operating system level, which can allow an attacker to change settings, configurations, software, or access sensitive data on the affected produc. An attacker could also exploit this...

10CVSS0.01633EPSS
Exploits0References1
Patchstack
Patchstack
added 2021/10/27 12:0 a.m.13 views

WordPress OptinMonster plugin <= 2.6.4 - Unprotected REST-API to Sensitive Information Disclosure and Unauthorized API access vulnerability

Unprotected REST-API to Sensitive Information Disclosure and Unauthorized API access vulnerability discovered by Chloe Chamberland WordFence in WordPress OptinMonster plugin versions = 2.6.4. Solution Update the WordPress OptinMonster plugin to the latest available version at least 2.6.5...

3AI score0.2327EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder