Lucene search
+L

113 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/09/19 7:52 p.m.66 views

Security Bulletin: IBM Security Guardium is affected by a denial of service vulnerability in MIT keb5 (CVE-2022-42898)

Summary IBM Security Guardium has fixed this vulnerability by upgrading the version of MIT krb5 that it uses. Vulnerability Details CVEID:CVE-2022-42898 DESCRIPTION: MIT krb5 is vulnerable to a denial of service, caused by an integer overflow in PAC parsing in the krb5parsepac function. By sendin...

8.8CVSS8.8AI score0.06419EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2023/07/21 12:0 a.m.19 views

IBM Security Guardium Input Validation Error Vulnerability

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. An input validation error vulnerability exists in IBM...

6.5CVSS6.5AI score0.00607EPSS
Exploits0References1
CNVD
CNVD
added 2023/07/21 12:0 a.m.46 views

IBM Security Guardium License Issue Vulnerability (CNVD-2023-68784)

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. An authorization issue vulnerability exists in IBM Security...

8.4CVSS6.7AI score0.00162EPSS
Exploits0References1
OSV
OSV
added 2023/07/19 3:15 a.m.4 views

CVE-2022-43910

IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls. IBM X-Force ID: 240908...

7.8CVSS5.8AI score0.00162EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/07/19 12:0 a.m.13 views

PT-2023-14392 · Ibm · Ibm Security Guardium

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium version 11.3 Description: The issue is due to improper input validation, which could allow an authenticated user to cause a denial of service. Recommendations: For IBM Security Guardium version 11.3, at the moment, there...

6.5CVSS6.2AI score0.00607EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/19 12:0 a.m.4 views

PT-2023-14395 · Ibm · Ibm Security Guardium

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium version 11.3 Description: The issue allows a local user to escalate their privileges due to improper permission controls. Recommendations: For IBM Security Guardium version 11.3, consider restricting access to sensitive...

8.4CVSS7.8AI score0.00162EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:7 a.m.4 views

SUSE CVE-2019-18459

An issue was discovered in GitLab Community and Enterprise Edition 11.3 to 12.3 in the protected environments feature. It has Insecure Permissions issue 3 of 4...

5.3CVSS5.4AI score0.0088EPSS
Exploits0References3
Prion
Prion
added 2023/01/27 10:15 p.m.19 views

Server side request forgery (ssrf)

A blind SSRF in GitLab CE/EE affecting all from 11.3 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 allows an attacker to connect to local addresses when configuring a malicious GitLab Runner...

5CVSS5.1AI score0.00546EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2023/01/26 9:15 p.m.29 views

CVE-2022-3482

An improper access control issue in GitLab CE/EE affecting all versions from 11.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allowed an unauthorized user to see release names even when releases we set to be restricted to project members only...

5.3CVSS5.3AI score0.01034EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/01/20 12:0 a.m.9 views

PT-2023-13985 · Re Logic · Reqlogic

Name of the Vulnerable Software and Affected Versions: ReQlogic version 11.3 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the POBatch and WaitDuration parameters. This enables the execution of malicious code on the web...

6.1CVSS7.5AI score0.05187EPSS
Exploits3References8
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 10:23 a.m.17 views

Security Bulletin: IBM InfoSphere Master Data Management Reference Data Management Hub is affected by a user password being stored in plain text vulnerability (CVE-2017-1309)

Summary IBM InfoSphere Master Data Management Reference Data Management Hub has addressed the following vulnerability. IBM InfoSphere Master Data Management Reference Data Management Hub stores user credentials in plain text which can be read by a local user. Vulnerability Details CVEID:...

2.1CVSS0.8AI score0.00232EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 9:58 a.m.28 views

Security Bulletin: IBM InfoSphere Master Data Management Collaborative Edition affected by Privilege Escalation security vulnerabilities (CVE-2015-7424)

Summary IBM InfoSphere Master Data Management - Collaborative Edition is vulnerable to Privilege Escalation. Vulnerability Details CVEID: CVE-2014-7424 DESCRIPTION: Provide sufficient details for someone to tell if they have the problem, but not enough detail that someone with malicious intent...

5.4CVSS4.8AI score0.01342EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2022/03/28 12:0 a.m.3 views

PT-2022-11086 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.3 and later Description: The issue concerns the endpoint for auto-completing Assignee, which discloses the members of private groups. Recommendations: For GitLab CE/EE versions 11.3 and later, consider restricting...

4.3CVSS4.3AI score0.00801EPSS
Exploits1References10
OpenVAS
OpenVAS
added 2022/03/28 12:0 a.m.21 views

GitLab 11.1.x - 11.1.7, 11.2.x - 11.2.4, 11.3.x - 11.3.1 Information Disclosure Vulnerability

GitLab is prone to an exposure of sensitive information to an unauthorized actor vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.5CVSS7.4AI score0.01166EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2022/02/04 12:0 a.m.60 views

ManageEngine ServiceDesk Plus Multiple Versions Authentication Bypass

Zoho ManageEngine ServiceDesk Plus versions 11.3 before 11302, 11.2 before 11208, 11.1 before 11145 and 11.0 before 11012 are vulnerable to authentication bypass that allows a few REST-API URLs without authentication. Note that Nessus has not tested for this issue but has instead relied only on t...

9.8CVSS8.3AI score0.99854EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/03 12:0 a.m.8 views

Adobe Connect CSRF Vulnerability (APSB21-112)

Adobe Connect is prone to a cross-site request forgery CSRF vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7AI score
Exploits0References1
Prion
Prion
added 2021/11/08 5:15 p.m.14 views

Cross site scripting

IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, and 11.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

3.5CVSS5.2AI score0.00476EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2021/09/26 12:0 a.m.15 views

IBM Security Guardium Hardcoded Credential Vulnerability

IBM Security Guardium is a suite of platforms from IBM USA that provides data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium version 11.3 contains a hard-coded credential vulnerability. An...

9.8CVSS2.2AI score0.01149EPSS
Exploits0References1
OSV
OSV
added 2021/09/08 3:15 p.m.4 views

CVE-2021-1861

An issue existed in determining cache occupancy. The issue was addressed through improved logic. This issue is fixed in macOS Big Sur 11.3. A malicious website may be able to track users by setting state in a cache...

4.3CVSS5.8AI score0.00868EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/07/08 8:36 p.m.23 views

Security Bulletin: Vulnerability in Apache Xerces-C XML parser, including XML4C affects IBM InfoSphere Optim Data Growth & Test Data Management & Application Retirement

Summary Open Source Xerces-C XML parser vulnerability affects IBM InfoSphere Optim Data Growth & Test Data Management & Application Retirement, also known as the server components. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial...

9.8CVSS1.3AI score0.09115EPSS
Exploits0Affected Software1
Rows per page
Query Builder