CVSS评分在区间 [4,6.9] 的搜索结果 (44565)

CVE-2017-1552(发布:2017-11-01 17:29:00)NMS
CVSS4.9

[原文]IBM Infosphere BigInsights 4.2.0 and 4.2.5 is vulnerable to link injection. By persuading a victim to click on a specially-crafted URL link, a remote attacker could exploit this vulnerability to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 131396.

CVE-2017-1333(发布:2017-11-01 17:29:00)NMS
CVSS5.0

[原文]IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow an unauthenticated user to obtain sensitive information about the server that could be used in future attacks against the system. IBM X-Force ID: 126241.

CVE-2017-1340(发布:2017-11-01 17:29:00)NMS
CVSS4.0

[原文]IBM Jazz Reporting Service (JRS) 6.0.4 could allow an authenticated user to obtain information on another server that the current report builder interacts with. IBM X-Force ID: 126455.

CVE-2017-1300(发布:2017-11-01 17:29:00)NM
CVSS6.8

[原文]IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 125162.

CVE-2017-1148(发布:2017-11-01 17:29:00)NMS
CVSS5.0

[原文]IBM OpenPages GRC Platform 7.2 and 7.3 with OpenPages Loss Event Entry (LEE) application could allow a user to obtain sensitive information including private APIs that could be used in further attacks against the system. IBM X-Force ID: 122201.

CVE-2012-5636(发布:2017-10-30 15:29:00)NMS
CVSS4.3

[原文]Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.22, 1.5.x before 1.5.10, and 6.x before 6.4.0 might allow remote attackers to inject arbitrary web script or HTML via vectors related to <script> tags in a rendered response.

12345678下一页尾页 第1页 / 共7428页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站