Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2022-22409

IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather sensitive information about the web application, caused by an insecure configuration. IBM X-Force ID:…

Devamını oku

CVE-2023-30995

IBM Aspera Faspex 5.0.5 could allow a malicious actor to bypass IP whitelist restrictions using a specially crafted HTTP request. IBM X-Force ID: 254268. Zafiyet…

Devamını oku

CVE-2022-22405

IBM Aspera Faspex 5.0.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An…

Devamını oku

CVE-2023-24965

IBM Aspera Faspex 5.0.5 does not restrict or incorrectly restricts access to a resource from an unauthorized actor. IBM X-Force ID: 246713. Zafiyet ile ilgili…

Devamını oku

CVE-2022-33164

IBM Security Directory Server 7.2.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request…

Devamını oku

CVE-2023-32332

IBM Maximo Application Suite 8.9, 8.10 and IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 are vulnerable to HTML injection. A remote attacker could inject malicious HTML…

Devamını oku

CVE-2023-28010

In some configuration scenarios, the Domino server host name can be exposed. This information could be used to target future attacks. Zafiyet ile ilgili Genel…

Devamını oku

CVE-2023-34041

Cloud foundry routing release versions prior to 0.278.0 are vulnerable to abuse of HTTP Hop-by-Hop Headers. An unauthenticated attacker can use this vulnerability for headers…

Devamını oku

CVE-2023-32470

Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit…

Devamını oku

CVE-2014-5329

GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation. 8001/tcp is…

Devamını oku