Lucene search
+L

140 matches found

CVE
CVE
added 2023/02/02 8:10 a.m.56 views

CVE-2023-0639

Summary: TRENDnet TEW-652BRP (version 3.04b01) exposes a Cross-Site Scripting issue in the Web Management Interface via the get_set.ccp endpoint, caused by improper handling of the nextPage parameter. This could allow remote attackers to inject scripts when data is viewed. Affected: TRENDnet TEW-...

6.1CVSS4.8AI score0.00363EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2022/09/20 12:0 a.m.358 views

Trojan-Dropper.Win32.Corty.10 MVID-2022-0639 Insecure Credential Storage

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/f72138e574743640bdcdb9f102dff0a5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Corty.10 Vulnerability: Insecure Credential Storage Description: The...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2022/02/23 12:17 p.m.55 views

CVE-2022-0639

An authorization bypass flaw was found in url-parse. This flaw allows a local unauthenticated attacker to add an at symbol @ while submitting a URL. This issue enables the bypass of validation or block-listing restrictions...

6.5CVSS3.3AI score0.01535EPSS
Exploits1References3
Circl
Circl
added 2022/02/17 8:37 p.m.8 views

CVE-2022-0639

creationtimestamp| type| source ---|---|--- 2022-02-17 20:37:30+00:00| seen| https://t.me/cibsecurity/37671...

6.5CVSS6.7AI score0.01535EPSS
Exploits1References1
NVD
NVD
added 2022/02/17 6:15 p.m.17 views

CVE-2022-0639

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7...

6.5CVSS0.01535EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2022/02/17 6:15 p.m.42 views

CVE-2022-0639

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7...

6.5CVSS6.8AI score0.01535EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/02/17 12:0 a.m.31 views

CVE-2022-0639 Authorization Bypass Through User-Controlled Key in unshiftio/url-parse

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7...

6.5CVSS7.3AI score0.01535EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2022/02/17 12:0 a.m.32 views

CVE-2022-0639

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7...

6.5CVSS6.8AI score0.01535EPSS
Exploits1
OSV
OSV
added 2022/02/17 12:0 a.m.25 views

CVE-2022-0639 Authorization Bypass Through User-Controlled Key in unshiftio/url-parse

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7...

6.5CVSS6.8AI score0.01535EPSS
Exploits1References6
CVE
CVE
added 2022/02/17 12:0 a.m.160 views

CVE-2022-0639

CVE-2022-0639 affects the Node.js URL parser library used in npm installs, specifically the node-url-parse package. Debian and Debian LTS advisories (DLA-4413-1) describe an authorization bypass where an incorrect conversion of special characters in the protocol (notably the @ character in href) ...

6.5CVSS5.4AI score0.01535EPSS
Exploits1References4Affected Software1
Circl
Circl
added 2021/08/17 10:16 p.m.5 views

CVE-2021-0639

creationtimestamp| type| source ---|---|--- 2021-08-17 22:16:08+00:00| seen| https://t.me/cibsecurity/27454...

5.5CVSS5.5AI score0.00117EPSS
Exploits0References1
CVE
CVE
added 2021/08/17 6:29 p.m.128 views

CVE-2021-0639

CVE-2021-0639 affects Android/Widevine through libl3oemcrypto.cpp. Described as a local information disclosure due to weaknesses in the obfuscation/handling of sensitive data; requires no user interaction. Documented impact is partial confidentiality loss with local access and no privileges beyon...

5.5CVSS5.1AI score0.00117EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2019:0639-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.02821EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.11 views

SUSE: Security Advisory (SUSE-SU-2012:0128-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.6AI score0.30558EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.13 views

SUSE: Security Advisory (SUSE-SU-2018:0639-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.9AI score0.01406EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/01/15 12:0 a.m.79 views

Microsoft Windows Multiple Vulnerabilities (KB4534273)

This host is missing a critical security update according to Microsoft KB4534273 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.1AI score0.89436EPSS
Exploits28References3
Prion
Prion
added 2020/01/14 11:15 p.m.19 views

Information disclosure

An information disclosure vulnerability exists in the Windows Common Log File System CLFS driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0639...

2.1CVSS5.2AI score0.0168EPSS
Exploits0References2Affected Software5
CVE
CVE
added 2020/01/14 11:11 p.m.151 views

CVE-2020-0639

CVE-2020-0639 is a Windows Common Log File System (CLFS) Driver Information Disclosure vulnerability. Connected CNVD entries describe a flaw where memory objects are mishandled, allowing an authenticated attacker who logs on and runs a crafted application to read data from memory. The CVSSv3 base...

5.5CVSS6.6AI score0.01307EPSS
Exploits0References1Affected Software8
Symantec
Symantec
added 2020/01/14 12:0 a.m.47 views

Microsoft Windows Common Log File System CVE-2020-0639 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versio...

1.1AI score0.01307EPSS
Exploits0Affected Software3
Tenable Nessus
Tenable Nessus
added 2020/01/14 12:0 a.m.111 views

KB4534312: Windows Server 2008 January 2020 Security Update

The remote Windows host is missing security update 4534312 or cumulative update 4534303. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the Windows Common Log File System CLFS driver when it fails to properly handle objects in memory. ...

10CVSS7.9AI score0.99222EPSS
Exploits10References22
Rows per page
Query Builder