CVE-2020-4992
IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.16 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from…
IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.16 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from…
Dell EMC PowerScale OneFS versions 8.2.x – 9.2.x contain an insufficient logging vulnerability. An authenticated user with ISI_PRIV_LOGIN_PAPI could make un-audited and un-trackable configuration changes…
Dell EMC PowerScale OneFS versions 8.2.x – 9.2.x improperly handle an exceptional condition. A remote low privileged user could potentially exploit this vulnerability, leading to…
Dell PowerScale OneFS versions 8.2.2 – 9.1.0.x contain a use of get request method with sensitive query strings vulnerability. It can lead to potential disclosure…
Dell EMC PowerScale OneFS versions 8.2.x – 9.1.1.x contain an improper neutralization of special elements used in an OS command. This vulnerability could allow the…
Dell EMC PowerScale OneFS versions 8.2.x – 9.2.1.x contain an OS command injection vulnerability. This may allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to escalate…
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access.…
Improper Authentication in Lin-CMS-Flask v0.1.1 allows remote attackers to launch brute force login attempts without restriction via the 'login' function in the component 'app/api/cms/user.py'. Devamını…
Cross Site Scripting (XSS) in Lin-CMS-Flask v0.1.1 allows remote attackers to execute arbitrary code by entering scripts in the the 'Username' parameter of the in…
Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attackers to obtain sensitive information and/or gain privileges due to the application not invalidating a user's authentication…