52 matches found
Security Updates for Microsoft .NET Framework (January 2024)
The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities, as follows: - Denial of service vulnerability in Microsoft .NET Framework. CVE-2023-36042, CVE-2024-21312 - Security feature bypass in...
Authentication Bypass
github.com/nats-io/nats-server is vulnerable to Authentication Bypass. The vulnerability occurs when the only account added is the system account $SYS. In this scenario, the nats-server creates an implicit user in $G and designates it as the noauthuser account. This effectively enables the same...
Cross site scripting
Home assistant is an open source home automation. Whilst auditing the frontend code to identify hidden parameters, Cure53 detected authcallback=1, which is leveraged by the WebSocket authentication logic in tandem with the state parameter. The state parameter contains the hassUrl, which is...
Exploit for Improper Verification of Cryptographic Signature in Passport-Saml_Project Passport-Saml
Exploiting CVE-2022-39299 Signature bypass via multiple ro...
Hikvision IP Camera Unauthenticated Password Change Via Improper Authentication Logic
Many Hikvision IP cameras contain improper authentication logic which allows unauthenticated impersonation of any configured user account. The vulnerability has been present in Hikvision products since 2014. In addition to Hikvision-branded devices, it affects many white-labeled camera products...
Samsung CACertificateInfo Elevation of Privilege Vulnerability
Samsung CACertificateInfo is a system component of Samsung Samsung mobile devices.An elevation of privilege vulnerability exists in Samsung CACertificateInfo, which stems from faulty authentication logic in CACertificateInfo. An attacker could exploit this vulnerability to initiate certain...
SAMSUNG Mobile devices 输入验证错误漏洞
Samsung CACertificateInfo is a system component of Samsung Samsung mobile devices.An elevation of privilege vulnerability exists in Samsung CACertificateInfo, which stems from faulty authentication logic in CACertificateInfo. An attacker could exploit this vulnerability to initiate certain...
LinkedIn: Add me email address Authentication bypass
hi, this vulnerability can able to access user account without email verification in linkedins' add me email address function page. user add mail2 email address. without mail2 email address verification user can fully access mail1 linkedin account using mail2 email address. In linkedin mobile...
Samsung Security Supporter Access Control Error Vulnerability
Samsung Security Supporter is a Samsung built-in security support from Samsung, Korea.An access control error vulnerability exists in versions prior to Samsung Security Supporter 1.2.40.0, which stems from the presence of faulty access authentication logic. An attacker could exploit this...
Samsung Flow Access Control Error Vulnerability
Samsung flow is an application for Samsung Samsung mobile devices, a software used to connect Samsung to Win10-based computers for a seamless, secure, and connected experience.An access control error vulnerability exists in versions prior to Samsung Flow 4.8.06.5, which stems from a lack of prope...
CVE-2019-9564
A vulnerability in the authentication logic of Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to bypass login and control the devices. This issue affects: Wyze Cam Pan v2 versions prior to 4.49.1.47. Wyze Cam v2 versions prior to 4.9.8.1002. Wyze Cam v3 versions prior to 4.36.8.32...
Tokheim Profleet DiaLOG Fuel Management System 11.005.02 SQLi / Code Execution Vulnerabilities
Tokheim Profleet DiaLOG Fuel Management System version 11.005.02 suffers from a remote SQL injection vulnerability that can allow for remote code execution. Exploit Title: Tokheim Profleet DiaLOG Fuel Management System 11.005.02 - SQLi Unauthenticated Exploit Author: golem445 Vendor Homepage:...
CVE-2021-41129
Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. A malicious user can modify the contents of a confirmationtoken input during the two-factor authentication process to reference a cache value not associated with the login attempt. In rare cases this can...
CVE-2021-22904
The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action Controller due to a too permissive regular expression. Impacted code uses authenticateorrequestwithhttptoken or...
CVE-2021-22904
The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action Controller due to a too permissive regular expression. Impacted code uses authenticateorrequestwithhttptoken or...
CVE-2021-22904
CVE-2021-22904 concerns Rails Action Pack/token authentication DoS due to a too-permissive regular expression in Action Controller. Affected component: actionpack Ruby gem (versions before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6). Impact: potential denial of service via crafted requests or headers; no e...
CVE-2021-27570
An issue was discovered in Emote Remote Mouse through 3.015. Attackers can close any running process by sending the process name in a specially crafted packet. This information is sent in cleartext and is not protected by any authentication logic...
CVE-2021-27569
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can maximize or minimize the window of a running process by sending the process name in a crafted packet. This information is sent in cleartext and is not protected by any authentication logic...
Authentication flaw
An issue was discovered in Emote Remote Mouse through 3.015. Attackers can close any running process by sending the process name in a specially crafted packet. This information is sent in cleartext and is not protected by any authentication logic...
CVE-2021-27570
CVE-2021-27570 affects Emote Remote Mouse (≤3.015). An attacker can remotely close any running process by sending the process name in a crafted packet. The affected communications are sent in cleartext and lack authentication, enabling network-based exploitation with low complexity and no privile...