Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3
CVE-2024-23540
- EPSS 0.38%
- Veröffentlicht 03.04.2024 17:15:50
- Zuletzt bearbeitet 21.11.2024 08:57:55
The HCL BigFix Inventory server is vulnerable to path traversal which enables an attacker to read internal application files from the Inventory server. The BigFix Inventory server does not properly restrict the served static file.
6.5
CVE-2021-27758
- EPSS 0.08%
- Veröffentlicht 06.05.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:58:30
There is a security vulnerability in login form related to Cross-site Request Forgery which prevents user to login after attacker spam to login and system blocked victim's account.
6.5
CVE-2021-27759
- EPSS 0.1%
- Veröffentlicht 06.05.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:58:31
This vulnerability arises because the application allows the user to perform some sensitive action without verifying that the request was sent intentionally. An attacker can cause a victim's browser to emit an HTTP request to an arbitrary URL in the ...
1