5.5

CVSS3.1

CVE-2022-40745 - IBM Aspera Faspex information disclosure

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to weaker than expected security. IBM X-Force ID: 236452.

πŸ“… Published: April 19, 2024, 5:01 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 7:21 a.m.

3.6

CVSS3.1

CVE-2023-37397 - IBM Aspera Faspex data manipulation

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive information due to improper encryption of certain data. IBM X-Force ID: 259672.

πŸ“… Published: April 19, 2024, 4:54 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 8:11 a.m.

5

CVSS3.1

CVE-2024-29991 - Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

πŸ“… Published: April 19, 2024, 4:46 p.m. πŸ”„ Last Modified: May 3, 2025, 12:40 a.m.

6.5

CVSS3.1

CVE-2023-27279 - IBM Aspera Faspex denial of service

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a user to cause a denial of service due to missing API rate limiting. IBM X-Force ID: 248533.

πŸ“… Published: April 19, 2024, 4:39 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 7:52 a.m.

2.5

CVSS3.1

CVE-2023-37396 - IBM Aspera Faspex information disclosure

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data. IBM X-Force ID: 259671.

πŸ“… Published: April 19, 2024, 4:06 p.m. πŸ”„ Last Modified: Dec. 19, 2024, 3:40 p.m.

7.5

CVSS3.1

CVE-2024-32650 - Rustls vulnerable to an infinite loop in rustls::conn::ConnectionCommon::complete_io() with proper …

Rustls is a modern TLS library written in Rust. `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network input. When using a blocking rustls server, if a client send a `close_notify` message immediately after `client_hello`, the server's `complete_io` will get in an…

πŸ“… Published: April 19, 2024, 4:05 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.1

CVSS3.1

CVE-2024-29183 - OpenRASP vulnerable to a reflected Cross-Site Scripting (XSS) attack in /login

OpenRASP is a RASP solution that directly integrates its protection engine into the application server by instrumentation. There exists a reflected XSS in the /login page due to a reflection of the redirect parameter. This allows an attacker to execute arbitrary javascript with the permissions of a…

πŸ“… Published: April 19, 2024, 3:52 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.5

CVSS3.1

CVE-2023-22869 - IBM Aspera Faspex information disclosure

IBM Aspera Faspex 5.0.0 through 5.0.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 244119.

πŸ“… Published: April 19, 2024, 3:48 p.m. πŸ”„ Last Modified: Dec. 19, 2024, 3:41 p.m.

6.1

CVSS3.1

CVE-2024-29029 - memos vulnerable to an SSRF in /o/get/image

memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/image that allows unauthenticated users to enumerate the internal network and retrieve images. The response from the image request is then copied into the response of the current s…

πŸ“… Published: April 19, 2024, 3:14 p.m. πŸ”„ Last Modified: Jan. 2, 2025, 8:46 p.m.

5.8

CVSS3.1

CVE-2024-29028 - memos vulnerable to an SSRF in /o/get/httpmeta

memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/httpmeta that allows unauthenticated users to enumerate the internal network and receive limited html values in json form. This vulnerability is fixed in 0.16.1.

πŸ“… Published: April 19, 2024, 3:14 p.m. πŸ”„ Last Modified: July 7, 2025, 4:03 p.m.
Total resulsts: 349182
Page 10203 of 34,919
Β« previous page Β» next page
Filters