Show filters
13,166 Total Results
Displaying 771-780 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown
CVE-2024-27201
Disclosure Date: April 03, 2024 (last updated April 04, 2024)
An improper input validation vulnerability exists in the OAS Engine User Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to unexpected data in the configuration. An attacker can send a sequence of requests to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2024-24976
Disclosure Date: April 03, 2024 (last updated April 04, 2024)
A denial of service vulnerability exists in the OAS Engine File Data Source Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can cause the running program to stop. An attacker can send a sequence of requests to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2024-22178
Disclosure Date: April 03, 2024 (last updated April 04, 2024)
A file write vulnerability exists in the OAS Engine Save Security Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2024-21870
Disclosure Date: April 03, 2024 (last updated April 04, 2024)
A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2023-50311
Disclosure Date: March 31, 2024 (last updated April 03, 2024)
IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM X-Force ID: 273612.
0
Attacker Value
Unknown
CVE-2024-29945
Disclosure Date: March 27, 2024 (last updated April 11, 2024)
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process. This exposure happens when either Splunk Enterprise runs in debug mode or the JsonWebToken component has been configured to log its activity at the DEBUG logging level.
0
Attacker Value
Unknown
CVE-2022-32756
Disclosure Date: March 22, 2024 (last updated April 02, 2024)
IBM Security Verify Directory 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 228507.
0
Attacker Value
Unknown
CVE-2022-32754
Disclosure Date: March 22, 2024 (last updated April 02, 2024)
IBM Security Verify Directory 10.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 228445.
0
Attacker Value
Unknown
CVE-2024-26051
Disclosure Date: March 18, 2024 (last updated April 01, 2024)
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
0
Attacker Value
Unknown
CVE-2024-26050
Disclosure Date: March 18, 2024 (last updated April 01, 2024)
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
0