Kategori: Güvenlik Açıkları

CVE-2020-27228

An incorrect default permissions vulnerability exists in the installation functionality of OpenClinic GA 5.173.3. Overwriting the binary can result in privilege escalation. An attacker can…

Devamını oku

CVE-2019-15059

In Liberty lisPBX 2.0-4, configuration backup files can be retrieved remotely from /backup/lispbx-CONF-YYYY-MM-DD.tar or /backup/lispbx-CDR-YYYY-MM-DD.tar without authentication or authorization. These configuration files have all PBX…

Devamını oku

CVE-2020-4920 (collaborative_lifecycle_management, doors_next, engineering_insights, engineering_lifecycle_management, engineering_requirements_management_doors_next, engineering_test_management, engineering_workflow_management, rational_engineering_lifecycle_manager, rational_quality_manager, rational_team_concert, removable_media_management, rhapsody_model_manager)

IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus…

Devamını oku

CVE-2020-4964 (collaborative_lifecycle_management, doors_next, engineering_insights, engineering_lifecycle_management, engineering_requirements_management_doors_next, engineering_test_management, engineering_workflow_management, rational_engineering_lifecycle_manager, rational_quality_manager, rational_team_concert, removable_media_management, rhapsody_model_manager)

IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message on the application which could…

Devamını oku

CVE-2020-4965 (collaborative_lifecycle_management, doors_next, engineering_insights, engineering_lifecycle_management, engineering_requirements_management_doors_next, engineering_test_management, engineering_workflow_management, rational_engineering_lifecycle_manager, rational_quality_manager, rational_team_concert, removable_media_management, rhapsody_model_manager)

IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192422.…

Devamını oku

CVE-2020-15734

An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate the browser's file upload capability into accessing other files in the same…

Devamını oku

CVE-2020-7924

Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate…

Devamını oku