Microsoft: >> Windows Security Vulnerabilities
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247620.
CVSS Score
8.5
EPSS Score
0.001
Published
2024-02-29
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 247599.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-02-29
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247621.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-02-28
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 247632.
CVSS Score
8.5
EPSS Score
0.001
Published
2024-02-28
Stored cross-site scripting (XSS) vulnerability in unit name. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-02-27
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-02-27
Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.
CVSS Score
3.1
EPSS Score
0.005
Published
2024-02-27
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Cyber Protect 16 (macOS, Windows) before build 37391.
CVSS Score
3.3
EPSS Score
0.001
Published
2024-02-27
Self cross-site scripting (XSS) vulnerability in storage nodes search field. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.
CVSS Score
1.9
EPSS Score
0.006
Published
2024-02-27
Improper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account.
CVSS Score
7.3
EPSS Score
0.001
Published
2024-02-27