|
252771
|
5.3 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 10.0 and 10.5 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer h…
|
CWE-200
Information Exposure
|
CVE-2017-1272
|
2024-11-21 12:21 |
2018-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252772
|
5.9 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 does not validate, or incorrectly validates, a certificate. This weakness might allow an attacker to spoof a trusted entity …
|
CWE-295
Improper Certificate Validation
|
CVE-2017-1265
|
2024-11-21 12:21 |
2018-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252773
|
7.5 |
HIGH
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 10 and 10.5 uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the software does not also use a salt as part of the input.…
|
CWE-310
Cryptographic Issues
|
CVE-2017-1268
|
2024-11-21 12:21 |
2018-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252774
|
5.5 |
MEDIUM
Local
|
ibm
|
integration_bus
websphere_message_broker
|
IBM Integration Bus 9.0.0.0, 9.0.0.11, 10.0.0.0, and 10.0.0.14 (including IBM WebSphere Message Broker 8.0.0.0 and 8.0.0.9) has insecure permissions on certain files. A local attacker could exploit t…
|
CWE-275
Permission Issues
|
CVE-2017-1418
|
2024-11-21 12:21 |
2018-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252775
|
4.3 |
MEDIUM
Network
|
ibm
|
marketing_operations
|
IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted request to cause an error message to be retur…
|
CWE-200
Information Exposure
|
CVE-2017-1119
|
2024-11-21 12:21 |
2018-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252776
|
7.8 |
HIGH
Local
|
ibm
|
bigfix_platform
|
IBM BigFix Platform 9.5 - 9.5.9 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 123910.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2017-1231
|
2024-11-21 12:21 |
2018-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252777
|
7.8 |
HIGH
Local
|
freebsd
|
freebsd
|
In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() to increase RLIMIT_STACK may turn a read-only memory region below the stack into a read-write region. A specially crafted execut…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1085
|
2024-11-21 12:21 |
2018-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252778
|
7.5 |
HIGH
Network
|
freebsd
|
freebsd
|
In FreeBSD before 11.2-RELEASE, multiple issues with the implementation of the stack guard-page reduce the protections afforded by the guard-page. This results in the possibility a poorly written pro…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1084
|
2024-11-21 12:21 |
2018-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252779
|
7.5 |
HIGH
Network
|
freebsd
|
freebsd
|
In FreeBSD before 11.2-RELEASE, a stack guard-page is available but is disabled by default. This results in the possibility a poorly written process could be cause a stack overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1083
|
2024-11-21 12:21 |
2018-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252780
|
7.5 |
HIGH
Network
|
freebsd
|
freebsd
|
In FreeBSD 11.x before 11.1-RELEASE and 10.x before 10.4-RELEASE, the qsort algorithm has a deterministic recursion pattern. Feeding a pathological input to the algorithm can lead to excessive stack …
|
CWE-20
Improper Input Validation
|
CVE-2017-1082
|
2024-11-21 12:21 |
2018-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
