7 matches found
CVE-2026-40305
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 6.0.0 and prior to version 10.2.2, in the friends feature, a user could craft a request that would force the acceptance of a friend request on another user. Version 10.2.2...
SUSE CVE-2011-1165
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks...
_autoAcceptOffer doesn't check if caller of setBuyPrice owns the NFT
Lines of code Vulnerability details Impact An attacker can create an offer then auto accept that offer for an NFT they don't own. This can happen for any NFT that the contract is approved for, or any NFT left in escrow with no active limitations Proof of concept Alice has an NFT that they either...
openSUSE Security Update : syncthing (openSUSE-2018-45)
This update for syncthing brings a new version and fixes the following issues : - Update to version 0.14.42 : - Discovering new files in a deleted directory does not resurrect the directory ghsyncthing/syncthing4475. - 'Panic: interface conversion: errors.errorString is not net.Error' after resta...
DEBIAN-CVE-2011-1165
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks...
vino-preferences does not warn about UPnP especially with no password and no confirmation.
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easier for remote attackers to perform further attacks...
OS X Gather Keychain Enumeration
This module presents a way to quickly go through the current user's keychains and collect data such as email accounts, servers, and other services. Please note: when using the GETPASS and GETPASSAUTOACCEPT option, the user may see an authentication alert flash briefly on their screen that gets...