|
248701
|
7.5 |
HIGH
Network
|
freebsd
|
freebsd
|
In FreeBSD 11.x before 11.1-RELEASE and 10.x before 10.4-RELEASE, the qsort algorithm has a deterministic recursion pattern. Feeding a pathological input to the algorithm can lead to excessive stack …
|
CWE-20
Improper Input Validation
|
CVE-2017-1082
|
2024-11-21 12:21 |
2018-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248702
|
5.4 |
MEDIUM
Network
|
ibm
|
campaign
|
IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the securi…
|
CWE-74
Injection
|
CVE-2017-1115
|
2024-11-21 12:21 |
2018-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248703
|
5.4 |
MEDIUM
Network
|
ibm
|
campaign
|
IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potent…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1114
|
2024-11-21 12:21 |
2018-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248704
|
6.5 |
MEDIUM
Network
|
ibm
|
urbancode_deploy
|
Sensitive information about the configuration of the IBM UrbanCode Deploy 6.1 through 6.9.6.0 server and database can be obtained by a user who has been given elevated permissions in the UI, even aft…
|
CWE-200
Information Exposure
|
CVE-2017-1286
|
2024-11-21 12:21 |
2018-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248705
|
4.3 |
MEDIUM
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID:…
|
CWE-200
Information Exposure
|
CVE-2017-1412
|
2024-11-21 12:21 |
2018-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248706
|
7.5 |
HIGH
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user acco…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2017-1411
|
2024-11-21 12:21 |
2018-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248707
|
5.3 |
MEDIUM
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X…
|
CWE-200
Information Exposure
|
CVE-2017-1409
|
2024-11-21 12:21 |
2018-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248708
|
8.1 |
HIGH
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended a…
|
CWE-275
Permission Issues
|
CVE-2017-1396
|
2024-11-21 12:21 |
2018-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248709
|
6.5 |
MEDIUM
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by …
|
CWE-384
Session Fixation
|
CVE-2017-1368
|
2024-11-21 12:21 |
2018-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248710
|
7.5 |
HIGH
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-F…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2017-1366
|
2024-11-21 12:21 |
2018-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
