Lucene search
K

209 matches found

CVE
CVE
added 2023/06/15 2:57 a.m.50 views

CVE-2022-32752

CVE-2022-32752 affects IBM Security Directory Suite VA 8.0.1 through 8.0.1.19. A remote authenticated attacker can execute arbitrary commands on the system by sending a specially crafted request. IBM’s advisory and related sources identify the affected product and provide a fix: update to IBM Sec...

8.8CVSS7.5AI score0.01361EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/06/15 2:55 a.m.62 views

CVE-2022-32757

IBM Security Directory Suite VA 8.0.1–8.0.1.19 is affected by an inadequate account lockout setting that could allow a remote attacker to brute-force credentials. The issue is tied to CVE-2022-32757 and is documented with a HIGH impact (CVSS v3.1 base score 7.5; Network attack vector, low attack ...

7.5CVSS7.3AI score0.00855EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/06/15 2:33 a.m.51 views

CVE-2022-33166

CVE-2022-33166 affects IBM Security Directory Suite VA 8.0.1–8.0.1.19. The issue allows a privileged user to upload malicious files of dangerous types that can be automatically processed within the product’s environment, as described by Red Hat and IBM advisories (X-Force ID: 228586). Root cause ...

7.2CVSS6.7AI score0.00787EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/06/15 1:19 a.m.66 views

CVE-2022-33168

CVE-2022-33168 affects IBM Security Directory Suite VA 8.0.1 and could cause a denial of service via uncontrolled resource consumption. The issue has a base score of 7.5 (HIGH) per IBM/X-Force data. Remediation is to apply the fixes listed by IBM: Directory Suite 8.0.1 Fixpack 21 (and related int...

7.5CVSS7.2AI score0.00765EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/06/15 1:10 a.m.63 views

CVE-2022-33163

CVE-2022-33163 affects IBM Security Directory Suite VA 8.0.1, where permissions on a security-critical resource permit read or modification by unintended actors. Public sources align on an information-disclosure/unauthorized-access risk with high impact to confidentiality and integrity (CVE descr...

8.1CVSS5.8AI score0.00502EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/15 12:0 a.m.7 views

PT-2023-13230 · Ibm · Ibm Security Directory Suite Va

Name of the Vulnerable Software and Affected Versions: IBM Security Directory Suite VA versions 8.0.1 through 8.0.1.19 Description: The issue allows an authenticated user to read user credentials stored in plain clear text. Recommendations: For IBM Security Directory Suite VA versions 8.0.1 throu...

6.5CVSS6.3AI score0.00341EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/06/15 12:0 a.m.5 views

PT-2023-13191 · Ibm · Ibm Security Directory Suite Va

Name of the Vulnerable Software and Affected Versions: IBM Security Directory Suite VA versions 8.0.1 through 8.0.1.19 Description: The issue is related to an inadequate account lockout setting, which could allow a remote attacker to brute force account credentials. Recommendations: For versions...

7.5CVSS7.5AI score0.00855EPSS
Exploits0References5
Openbugbounty
Openbugbounty
added 2023/05/12 3:56 a.m.10 views

va-motorsport.com Cross Site Scripting vulnerability OBB-3323826

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
OSV
OSV
added 2023/05/12 1:15 a.m.6 views

CVE-2020-13378

Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS Command Injection vulnerability that allows a remote authenticated attacker to execute arbitrary code...

8.8CVSS6AI score0.03306EPSS
Exploits1References2
CVE
CVE
added 2023/05/12 12:0 a.m.34 views

CVE-2020-13378

CVE-2020-13378 affects Loadbalancer.org Enterprise VA MAX up to version 8.3.8. The issue is an OS command injection in the appliance that could allow a remote authenticated attacker to execute arbitrary code. CVSS v3.1 base score 8.8 (HIGH) with network access, low attack complexity, and privileg...

8.8CVSS8.8AI score0.03306EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/05/12 12:0 a.m.33 views

CVE-2020-13378

Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS Command Injection vulnerability that allows a remote authenticated attacker to execute arbitrary code...

8.9AI score0.03306EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/05/12 12:0 a.m.5 views

Loadbalancer Enterprise VA MAX 操作系统命令注入漏洞

Loadbalancer Enterprise VA MAX is a full-featured virtual ADC from the Loadbalancer organization. standardized on WAF and GSLB, it provides the highest throughput and unmatched reliability for critical workloads. A security vulnerability exists in Loadbalancer Enterprise VA MAX version 8.3.8 and...

8.8CVSS8.5AI score0.03306EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/05/12 12:0 a.m.8 views

PT-2023-11473 · Loadbalancer.Org · Loadbalancer.Org Enterprise Va Max

Name of the Vulnerable Software and Affected Versions: Loadbalancer.org Enterprise VA MAX versions 8.3.8 and earlier Description: The issue allows a remote authenticated attacker to execute arbitrary code due to an OS Command Injection vulnerability. Recommendations: For versions 8.3.8 and earlie...

8.8CVSS8.3AI score0.03306EPSS
Exploits1References4
hivepro
hivepro
added 2023/03/27 1:32 p.m.10 views

Hive Pro Appoints John Lyons as Chief Revenue Officer

Milpitas, CA – 27th March 2023 – Hive Pro, a leading Threat Exposure Management vendor in cybersecurity, today announced the appointment of John Lyons as its new Chief Revenue Officer CRO. With more than 25 years of sales management experience in the IT industry, Lyons will be responsible for...

6.8AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2022/08/13 7:33 p.m.11 views

Flaw in the VA Medical Records Platform May Put Patients at Risk

The Veterans Affairs’ VistA software has a vulnerability that could let an attacker “masquerade as a doctor,” a security researcher warns...

4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/07/07 5:55 p.m.6 views

horizonsedgeva.com Cross Site Scripting vulnerability OBB-2740612

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/05/24 10:15 p.m.3 views

CVE-2022-29337

C-DATA FD702XW-X-R430 v2.1.13X001 was discovered to contain a command injection vulnerability via the vacmd parameter in formlanipv6. This vulnerability allows attackers to execute arbitrary commands via a crafted HTTP request...

9.8CVSS6.1AI score0.35343EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/05/24 12:0 a.m.7 views

PT-2022-19551 · Unknown · C-Data Fd702Xw-X-R430

Name of the Vulnerable Software and Affected Versions: C-DATA FD702XW-X-R430 version 2.1.13 X001 Description: A command injection issue was discovered, allowing attackers to execute arbitrary commands via a crafted HTTP request. This is achieved through the va cmd parameter in the formlanipv6...

9.8CVSS10AI score0.35343EPSS
Exploits1References6
OSV
OSV
added 2022/04/24 8:59 p.m.9 views

GSD-2022-1001263 ASoC: codecs: va-macro: fix accessing array out of bounds for enum type

ASoC: codecs: va-macro: fix accessing array out of bounds for enum type This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/04/22 5:15 a.m.58 views

Cisco Releases Security Patches for TelePresence, RoomOS and Umbrella VA

Networking equipment maker Cisco has released security updates to address three high-severity vulnerabilities in its products that could be exploited to cause a denial-of-service DoS condition and take control of affected systems. The first of the three flaws, CVE-2022-20783 CVSS score: 7.5,...

8.1CVSS1.4AI score0.01372EPSS
Exploits0
Rows per page
Query Builder