Page 150 of 10826 results (0.060 seconds)

CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames due to differentiating error messages on existing usernames. IBM X-Force ID: 199181. IBM Cognos Controller 10.4.1, 10.4.2 y 11.0.0 podrían permitir que un usuario remoto enumere nombres de usuarios debido a mensajes de error diferenciadores en nombres de usuarios existentes. ID de IBM X-Force: 199181. • https://exchange.xforce.ibmcloud.com/vulnerabilities/199181 https://www.ibm.com/support/pages/node/7149876 • CWE-204: Observable Response Discrepancy •

CVSS: 3.7EPSS: 0%CPEs: -EXPL: 0

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. • https://exchange.xforce.ibmcloud.com/vulnerabilities/245403 https://www.ibm.com/support/pages/node/7149876 • CWE-209: Generation of Error Message Containing Sensitive Information

CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 196640. IBM Cognos Controller 10.4.1, 10.4.2 y 11.0.0 no establece el atributo seguro en los tokens de autorización ni en las cookies de sesión. • https://exchange.xforce.ibmcloud.com/vulnerabilities/196640 https://www.ibm.com/support/pages/node/7149876 •

CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. • https://exchange.xforce.ibmcloud.com/vulnerabilities/190837 https://www.ibm.com/support/pages/node/7149876 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 2.5EPSS: 0%CPEs: 1EXPL: 0

This marginally increases the risk of sensitive data exposure. • https://github.com/matrix-org/vodozemac/commit/297548cad4016ce448c4b5007c54db7ee39489d9 https://github.com/matrix-org/vodozemac/security/advisories/GHSA-c3hm-hxwf-g5c6 • CWE-1188: Initialization of a Resource with an Insecure Default •