19 matches found
EUVD-2020-6048
Malware in sbrugna...
CVE-2019-16908
An issue was discovered in the Infosysta "In-App & Desktop Notifications" app before 1.6.14J8 for Jira. It is possible to obtain a list of all Jira projects without authentication/authorization via the plugins/servlet/nfj/ProjectFilter?searchQuery= URI...
CVE-2019-16908
creationtimestamp| type| source ---|---|--- 2024-02-01 15:16:33+00:00| seen| https://t.me/ctinow/177602...
CVE-2018-16908
...
CVE-2018-16908
This CVE entry is rejected/not used and does not represent an active vulnerability entry.
CVE-2020-16908 Windows Setup Elevation of Privilege Vulnerability
...
CVE-2020-16908
CVE-2020-16908 is a Windows Setup elevation-of-privilege vulnerability. A locally authenticated attacker can exploit improper handling of directories in Windows Setup to run arbitrary code with elevated system privileges, enabling installation of programs, viewing/changing/deleting data, or creat...
[SECURITY] [DLA 2350-1] php-horde-kronolith security update
Debian LTS Advisory DLA-2350-1 [email protected] https://www.debian.org/lts/security/ Mike Gabriel August 29, 2020 https://wiki.debian.org/LTS Package : php-horde-kronolith Version : 4.2.19-1+deb9u1 CVE ID : CVE-2017-16908 Debian Bug : 909738 In Horde Groupware, there has been an XSS vi...
CVE-2020-13835
An issue was discovered on Samsung mobile devices with O8.x with TEEGRIS software. The Gatekeeper Trustlet allows a brute-force attack on user credentials. The Samsung ID is SVE-2020-16908 June 2020...
Input validation
An issue was discovered on Samsung mobile devices with O8.x with TEEGRIS software. The Gatekeeper Trustlet allows a brute-force attack on user credentials. The Samsung ID is SVE-2020-16908 June 2020...
CVE-2020-13835
An issue was discovered on Samsung mobile devices with O8.x with TEEGRIS software. The Gatekeeper Trustlet allows a brute-force attack on user credentials. The Samsung ID is SVE-2020-16908 June 2020...
CVE-2020-13835
The CVE-2020-13835 issue affects Samsung mobile devices running O(8.x) with TEEGRIS, specifically involving the Gatekeeper Trustlet. The vulnerability stems from a brute-force weakness in the Trustlet that allows credential guessing, enabling a user credential brute-force attack. The issue is tie...
CVE-2020-12752
An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 with TEEGRIS software. Attackers can determine user credentials via a brute-force attack against the Gatekeeper trustlet. The Samsung ID is SVE-2020-16908 May 2020...
Design/Logic Flaw
An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 with TEEGRIS software. Attackers can determine user credentials via a brute-force attack against the Gatekeeper trustlet. The Samsung ID is SVE-2020-16908 May 2020...
CVE-2020-12752
CVE-2020-12752 affects Samsung mobile devices running P(9.0)/Q(10.0) with TEEGRIS. The issue allows attackers to determine user credentials via a brute-force attack against the Gatekeeper Trustlet, as described in multiple sources (Samsung ID SVE-2020-16908). The attack surface is the Gatekeeper ...
CVE-2020-12752
An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 with TEEGRIS software. Attackers can determine user credentials via a brute-force attack against the Gatekeeper trustlet. The Samsung ID is SVE-2020-16908 May 2020...
CVE-2019-16908
CVE-2019-16908 affects Infosysta In-App & Desktop Notifications for Jira (before 1.6.14_J8). The vulnerability allows an unauthenticated user to obtain a list of all Jira projects via plugins/servlet/nfj/ProjectFilter?searchQuery=, due to an authorization check bypass in the plugin. Impact is inf...
Infosysta Jira 1.6.13_J8 Project List Authentication Bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2019-042 Product: In-App & Desktop Notification for Jira Manufacturer: Infosysta Affected Versions: 1.6.13J8 Tested Versions: 1.6.13J8 Vulnerability Type: Authentication/Authorization Bypass Risk Level: Medium Solution Status: Clos...
CVE-2017-16908
The CVE-2017-16908 entry concerns Horde Groupware 5.2.19, where an XSS vulnerability in the Resource Name field can be exploited to enable remote code execution after compromising an administrator account, by bypassing the CVE-2015-7984 CSRF protection mechanism. Affected product/component: Horde...