7 matches found
GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure Vulnerability
Exploit Title: GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure Version: =10.0.0 and 10.0.2 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi Advisory:...
GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure
Exploit Title: GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure Date: 11 Jun 2022 Version: =10.0.0 and 10.0.2 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi Advisory:...
Security Bulletin: API Connect is vulnerable to denial of service (CVE-2020-16845)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2020-16845 DESCRIPTION: Go Language is vulnerable to a denial of service, caused by an infinite read loop in ReadUvarint and ReadVarint in encoding/binary. By sending a specially-crafted input, a...
Cross site request forgery (csrf)
An issue was discovered in Amazon Web Services AWS FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 with FreeRTOS+TCP, and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a...
Security Bulletin: OS Command Injection vulnerability affects IBM Security Guardium (CVE-2017-1253)
Summary IBM Security Guardium could allow a remote authenticated attacker to execute arbitrary commands on the system. IBM Security Guardium has fixed this vulnerability. Vulnerability Details CVEID: CVE-2017-1253 DESCRIPTION: IBM Security Guardium could allow a remote authenticated attacker to...
Security Bulletin: Privilege escalation vulnerability affects IBM Security Guardium (CVE-2017-1122)
Summary IBM Security Guardium contains a vulnerability that could allow a local attacker with CLI access to inject arbitrary commands which would be executed as root. IBM Security Guardium has addressed this issue. Vulnerability Details CVEID: CVE-2017-1122 DESCRIPTION: IBM Security Guardium...
Security Bulletin: IBM Security Guardium is affected by Linux kernel privesc: Dirty COW vulnerability (CVE-2016-5195)
Summary Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by a race condition when handling the copy-on-write COW breakage of private read-only memory mappings by the memory subsystem. IBM Security Guardium has provided a fix for this vulnerability...