Lucene search
+L

63 matches found

OSV
OSV
added 2020/03/17 3:15 p.m.3 views

CVE-2019-20496

cPanel before 82.0.18 allows attackers to conduct arbitrary chown operations as root during log processing SEC-532...

5.5CVSS6.2AI score0.00294EPSS
Exploits0References1
Prion
Prion
added 2020/03/17 3:15 p.m.23 views

Code injection

cPanel before 82.0.18 allows attackers to conduct arbitrary chown operations as root during log processing SEC-532...

4.9CVSS5.6AI score0.00294EPSS
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2020/02/19 12:0 a.m.388 views

Nanometrics Centaur 4.3.23 - Unauthenticated Remote Memory Leak

Exploit Title: Nanometrics Centaur 4.3.23 - Unauthenticated Remote Memory Leak Date: 2020-02-15 Author: byteGoblin Vendor: https://www.nanometrics.ca Product: https://www.nanometrics.ca/products/accelerometers/titan-sma Product:...

7.5CVSS7.6AI score0.74881EPSS
Exploits16
Packet Storm
Packet Storm
added 2020/02/19 12:0 a.m.143 views

Nanometrics Centaur 4.3.23 Memory Leak

Exploit Title: Nanometrics Centaur 4.3.23 - Unauthenticated Remote Memory Leak Date: 2020-02-15 Author: byteGoblin Vendor: https://www.nanometrics.ca Product: https://www.nanometrics.ca/products/accelerometers/titan-sma Product:...

5CVSS0.74881EPSS
Exploits16
Openbugbounty
Openbugbounty
added 2020/02/09 5:45 a.m.8 views

highclassindependents.com Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1088320 Security Researcher error404 Helped patch 532 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting highclassindependents.com...

0.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/01/25 4:10 a.m.8 views

worldwayelec.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1074356 Security Researcher error404 Helped patch 532 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting worldwayelec.com website a...

0.2AI score
Exploits0
Prion
Prion
added 2018/03/13 9:29 p.m.23 views

Information disclosure

Ionic Team Cordova plugin iOS Keychain version before commit 18233ca25dfa92cca018b9c0935f43f78fd77fbf contains an Information Exposure Through Log Files CWE-532 vulnerability in CDVKeychain.m that can result in login, password and other sensitive data leakage. This attack appear to be exploitable...

5CVSS9AI score0.01484EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/03/13 9:0 p.m.50 views

CVE-2018-1000123

The vulnerability CVE-2018-1000123 affects the Ionic Cordova plugin for iOS Keychain, specifically the CDVKeychain.m file in versions before commit 18233ca25dfa92cca018b9c0935f43f78fd77fbf. It describes an Information Exposure Through Log Files (CWE-532) that can leak login credentials and other ...

9.8CVSS9.1AI score0.01484EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/03/13 9:0 p.m.30 views

CVE-2018-1000123

Ionic Team Cordova plugin iOS Keychain version before commit 18233ca25dfa92cca018b9c0935f43f78fd77fbf contains an Information Exposure Through Log Files CWE-532 vulnerability in CDVKeychain.m that can result in login, password and other sensitive data leakage. This attack appear to be exploitable...

9.2AI score0.01484EPSS
Exploits0References1
NVD
NVD
added 2018/03/13 3:29 p.m.34 views

CVE-2018-1000089

Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...

7.4CVSS7.4AI score0.01243EPSS
Exploits0References2
OSV
OSV
added 2018/03/13 3:29 p.m.26 views

CVE-2018-1000089

Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...

7.4CVSS7.6AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/03/13 3:29 p.m.28 views

CVE-2018-1000089

Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...

7.4CVSS7AI score0.01243EPSS
Exploits0References2
OSV
OSV
added 2018/03/13 3:29 p.m.28 views

PYSEC-2018-46

Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...

7.4CVSS4AI score0.01243EPSS
Exploits0References3
Prion
Prion
added 2018/03/13 3:29 p.m.19 views

Design/Logic Flaw

Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...

4.3CVSS7.3AI score0.01243EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/03/13 3:0 p.m.30 views

CVE-2018-1000089

Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...

7.4AI score0.01243EPSS
Exploits0References2
CVE
CVE
added 2018/03/13 3:0 p.m.79 views

CVE-2018-1000089

The CVE-2018-1000089 entry relates to django-anymail (versions 0.2 to 1.3) exposing a CWE-532/CWE-209 flaw in the WEBHOOK_AUTHORIZATION setting. An attacker who can access Django error logs could discover ANYMAIL_WEBHOOK and post fabricated inbound/tracking events, potentially impacting the targe...

7.4CVSS7.2AI score0.01243EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2017/12/22 12:0 a.m.107 views

Trend Micro Smart Protection Server 3.2 XSS / Access Control / Disclosure

Advisory Information Title: Trend Micro Smart Protection Server Multiple Vulnerabilities Advisory ID: CORE-2017-0008 Advisory URL: http://www.coresecurity.com/advisories/trend-micro-smart-protection-server-multiple-vulnerabilities Date published: 2017-12-19 Date of last update: 2017-12-11...

0.3AI score0.19369EPSS
Exploits10
0day.today
0day.today
added 2017/10/25 12:0 a.m.78 views

Sophos UTM 9 Management Appplication Local File Inclusion Vulnerability

Exploit for hardware platform in category remote exploits Title: Sophos UTM 9 Management Application Local File Inclusion Advisory ID: KL-001-2017-021 Publication Date: 2017.10.24 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-021.txt 1. Vulnerability Details Affected...

6.7AI score
Exploits0
KoreLogic Security
KoreLogic Security
added 2017/10/24 12:0 a.m.31 views

Sophos UTM 9 Management Application Local File Inclusion

Vulnerability Details Affected Vendor: Sophos Affected Product: UTM 9 Affected Version: 9.410 Platform: Embedded Linux CWE Classification: CWE-538: File and Directory Information Exposure, CWE-264: Permissions, Privileges, and Access Controls, CWE-532: Information Exposure Through Log Files...

7AI score
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.35 views

Amazon Linux: Security Advisory (ALAS-2015-532)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.7AI score0.02815EPSS
Exploits0References3
Rows per page
Query Builder