Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
security directory server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-4562
IBM Security Directory Server 6.4.0 stores sensitive information in URLs. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referer header or browser history. IBM X-Force ID: 166623.
Ibm Security Directory Server
7.5
CVSSv2
CVE-2012-2203
IBM Global Security Kit (aka GSKit) prior to 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, uses the PKCS #12 file format for certificate objects without enforcing file integrity, which makes it easier for remote malicious us...
Ibm Global Security Kit 7.0.4.28
Ibm Global Security Kit 7.0.4.29
Ibm Global Security Kit
Ibm Tivoli Directory Server
Ibm Rational Directory Server
5
CVSSv2
CVE-2012-2191
IBM Global Security Kit (aka GSKit) prior to 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, does not properly validate data during execution of a protection mechanism against the Vaudenay SSL CBC timing attack, which allows r...
Ibm Rational Directory Server
Ibm Global Security Kit 7.0.4.28
Ibm Global Security Kit 7.0.4.29
Ibm Global Security Kit
Ibm Tivoli Directory Server
NA
CVE-2022-33164
IBM Security Directory Server 7.2.0 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view or write to arbitrary files on the system. IBM X-Force ID:...
Ibm Security Directory Server 7.2.0
5.8
CVSSv2
CVE-2019-4538
IBM Security Directory Server 6.4.0 could allow a remote malicious user to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redir...
Ibm Security Directory Server 6.4.0
5
CVSSv2
CVE-2019-4520
IBM Security Directory Server 6.4.0 uses an inadequate account lockout setting that could allow a remote malicious user to brute force account credentials. IBM X-Force ID: 165178.
Ibm Security Directory Server 6.4.0
5.5
CVSSv2
CVE-2019-4539
IBM Security Directory Server 6.4.0 does not properly neutralize special elements that are used in XML, allowing malicious users to modify the syntax, content, or commands of the XML before it is processed by an end system. IBM X-Force ID: 165812.
Ibm Security Directory Server 6.4.0
4.3
CVSSv2
CVE-2019-4542
IBM Security Directory Server 6.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...
Ibm Security Directory Server 6.4.0
5
CVSSv2
CVE-2019-4563
IBM Security Directory Server 6.4.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the...
Ibm Security Directory Server 6.4.0.0
5
CVSSv2
CVE-2019-4547
IBM Security Directory Server 6.4.0 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 165949.
Ibm Security Directory Server 6.4.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »