Lucene search
K

10 matches found

CNNVD
CNNVD
added 2025/02/19 12:0 a.m.5 views

GHOSTS 路径遍历漏洞

GHOSTS is an open source realistic user simulation framework for network experiments, simulations, training and exercises from the Software Engineering Institute. A path traversal vulnerability exists in GHOSTS versions 8.0.0.0 through prior to 8.2.7.90, which stems from the presence of a path...

8.7CVSS6.5AI score0.00597EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/02/19 12:0 a.m.6 views

PT-2025-7627 · Ghosts · Ghosts

Name of the Vulnerable Software and Affected Versions: GHOSTS versions 8.0.0.0 through 8.2.7.89 Description: A path traversal vulnerability was discovered in GHOSTS that allows an attacker to access files outside of the intended directory through the photo retrieval endpoint. The vulnerability...

8.7CVSS6.8AI score0.00597EPSS
Exploits1References12
OSV
OSV
added 2022/10/06 6:15 p.m.3 views

CVE-2022-2975

A vulnerability related to weak permissions was detected in Avaya Aura Application Enablement Services web application, allowing an administrative user to modify accounts leading to execution of arbitrary code as the root user. This issue affects Application Enablement Services versions 8.0.0.0...

6.7CVSS6AI score0.00201EPSS
Exploits0References1
OSV
OSV
added 2021/06/24 9:15 a.m.2 views

CVE-2021-25653

A privilege escalation vulnerability was discovered in Avaya Aura Appliance Virtualization Platform Utilities AVPU that may potentially allow a local user to escalate privileges. Affects 8.0.0.0 through 8.1.3.1 versions of AVPU...

7.8CVSS7.1AI score0.00639EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/06/24 12:0 a.m.3 views

Avaya Aura Appliance Virtualization Platform Utilities (AVPU) 安全漏洞

Avaya Aura AVPU is an application virtualization platform utility from Avaya, USA. It provides features for the AVP platform, such as AVP alert and log collection, dual-stack support, service access, and out-of-band management. A security vulnerability exists in Avaya Aura Appliance Virtualizatio...

8CVSS7.3AI score0.00639EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/08/02 9:59 p.m.27 views

Security Bulletin: IBM MQ Appliance is affected by an OpenSSL vulnerability (CVE-2019-1559)

Summary IBM MQ Appliance has addressed the following OpenSSL vulnerability. Vulnerability Details CVEID: CVE-2019-1559 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a...

5.9CVSS1.4AI score0.17139EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2019/05/23 12:0 a.m.4 views

PT-2019-16887 · Ibm · Ibm Websphere Mq

Name of the Vulnerable Software and Affected Versions: IBM WebSphere MQ versions 8.0.0.0 through 8.0.0.9 IBM WebSphere MQ versions 9.0.0.0 through 9.1.1 Description: The issue allows a local non-privileged user to execute code as an administrator due to incorrect permissions set on MQ installatio...

7.8CVSS7.5AI score0.0039EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2019/05/23 12:0 a.m.5 views

PT-2019-16856 · Ibm · Ibm Websphere Mq

Name of the Vulnerable Software and Affected Versions: IBM WebSphere MQ versions 8.0.0.0 through 8.0.0.9 IBM WebSphere MQ versions 9.0.0.0 through 9.1.1 Description: The issue allows a local attacker to cause a denial of service within the error log reporting system. Recommendations: For IBM...

6.2CVSS5.8AI score0.00316EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/29 5:40 p.m.27 views

Security Bulletin: IBM MQ can allow an attacker to execute a privilege escalation attack on a local machine. (CVE-2018-1792)

Summary A problem within IBM MQ queue manager libraries could allow an attacker who has mqm login access to a server to use IBM MQ to escalate their privileges on that system and gain access to the root user. Vulnerability Details CVEID: CVE-2018-1792 DESCRIPTION: IBM MQ could allow a local user ...

8.8CVSS2.5AI score0.0052EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/21 11:30 a.m.18 views

Security Bulletin: IBM MQ Appliance is affected by a UI message injection vulnerability (CVE-2018-1666)

Summary IBM MQ Appliance has addressed the following UI message injection vulnerability. Vulnerability Details CVEID: CVE-2018-1666 DESCRIPTION: IBM WebSphere DataPower Appliances could allow an authenticated user to inject arbitrary messages that would be displayed on the UI. CVSS Base Score: 4....

4.3CVSS1AI score0.00839EPSS
Exploits0Affected Software1
Rows per page
Query Builder