5107 matches found

RedhatCVE
added 2025/05/22 4:13 a.m. · 10 views

CVE-2019-10386

A cross-site request forgery vulnerability in Jenkins XL TestView Plugin 1.2.0 and earlier in XLTestView.XLTestDescriptordoTestConnection allows users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturi...

CVSS 8.8 · AI score 6.5 · EPSS 0.00859
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 4:12 a.m. · 9 views

CVE-2019-1003016

An exposure of sensitive information vulnerability exists in Jenkins Job Import Plugin 2.1 and earlier in src/main/java/org/jenkins/ci/plugins/jobimport/JobImportAction.java, src/main/java/org/jenkins/ci/plugins/jobimport/JobImportGlobalConfig.java,...

CVSS 8.8 · AI score 6 · EPSS 0.01023
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 4:8 a.m. · 8 views

CVE-2012-3798

The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when creating a local user account, allows attackers to obtain part of the initial input used to generate passwords, which makes it easier to conduct brute force password guessing attacks...

CVSS 5 · AI score 6.8 · EPSS 0.01515
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 3:31 a.m. · 10 views

CVE-2018-1999028

An exposure of sensitive information vulnerability exists in Jenkins Accurev Plugin 0.7.16 and earlier in AccurevSCM.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins...

CVSS 8.8 · AI score 6.1 · EPSS 0.01119
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/21 11:54 p.m. · 9 views

CVE-2001-1519

RunAs runas.exe in Windows 2000 allows local users to create a spoofed named pipe when the service is stopped, then capture cleartext usernames and passwords when clients connect to the service. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to...

CVSS 3.6 · AI score 6.7 · EPSS 0.05986
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/21 8:57 p.m. · 7 views

CVE-2003-0489

tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute...

CVSS 7.2 · AI score 6.8 · EPSS 0.00408
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/21 6:9 p.m. · 8 views

CVE-1999-0469

Internet Explorer 5.0 allows window spoofing, allowing a remote attacker to spoof a legitimate web site and capture information from the client...

CVSS 5 · AI score 6.6 · EPSS 0.17213
Exploits: 0 · References: 1

NVD
added 2025/05/21 5:15 p.m. · 16 views

CVE-2025-48012

Authentication Bypass by Capture-replay vulnerability in Drupal One Time Password allows Remote Services with Stolen Credentials. This issue affects One Time Password: from 0.0.0 before 1.3.0...

CVSS 4.8 · EPSS 0.00217
Exploits: 0 · References: 1

OSV
added 2025/05/21 5:15 p.m. · 5 views

CVE-2025-48012

Authentication Bypass by Capture-replay vulnerability in Drupal One Time Password allows Remote Services with Stolen Credentials. This issue affects One Time Password: from 0.0.0 before 1.3.0...

CVSS 4.8 · AI score 5.8 · EPSS 0.00217
Exploits: 0 · References: 1

IBM Security Bulletins
added 2025/05/21 9:30 a.m. · 18 views

Security Bulletin: IBM QRadar Network Packet Capture includes components with a known vulnerability (CVE-2024-52337)

Summary The product includes multiple vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. IBM has addressed the relevant CVE. Vulnerability Details CVEID:CVE-2024-52337 DESCRIPTION: A log spoofing flaw was found in the Tuned package due to...

CVSS 5.5 · AI score 6.4 · EPSS 0.00298
Exploits: 0 · Affected Software: 1

RedhatCVE
added 2025/05/21 12:20 a.m. · 15 views

CVE-2025-30072

Tiiwee X1 Alarm System TWX1HAKV2 allows Authentication Bypass by Capture-replay, leading to physical Access to the protected facilities without triggering an alarm...

CVSS 7.6 · AI score 6.7 · EPSS 0.00555
Exploits: 1 · References: 1

Packet Storm News
added 2025/05/21 12:0 a.m. · 2 views

CRAKEN: Cybersecurity LLM Agent with Knowledge-Based Execution

Large Language Model LLM agents can automate cybersecurity tasks and can adapt to the evolving cybersecurity landscape without re-engineering. While LLM agents have demonstrated cybersecurity capabilities on Capture-The-Flag CTF competitions, they have two key limitations: accessing latest...

AI score 7.3
Exploits: 0

Packet Storm
added 2025/05/21 12:0 a.m. · 85 views

📄 Remote for Windows 2024.15 Unauthenticated Desktop Screenshot Capture

Remote for Windows version 2024.15 suffers from a missing authentication vulnerability that allows for the disclosure of desktop screenshots. Exploit Title: Remote for Windows 2024.15 - Unauthenticated Desktop Screenshot Capture Date: 2025-05-19 Exploit Author: Chokri Hammedi Vendor Homepage:...

AI score 7.5
Exploits: 0

Packet Storm News
added 2025/05/21 12:0 a.m. · 2 views

Defining Atomicity (And Integrity) for Snapshots of Storage in Forensic Computing

The acquisition of data from main memory or from hard disk storage is usually one of the first steps in a forensic investigation. We revisit the discussion on quality criteria for "forensically sound" acquisition of such storage and propose a new way to capture the intent to acquire an...

AI score 6.9
Exploits: 0

Cvelist
added 2025/05/19 12:0 a.m. · 8 views

CVE-2025-30072

Tiiwee X1 Alarm System TWX1HAKV2 allows Authentication Bypass by Capture-replay, leading to physical Access to the protected facilities without triggering an alarm...

EPSS 0.00555
Exploits: 1 · References: 2

Vulnrichment
added 2025/05/19 12:0 a.m. · 5 views

CVE-2025-30072

Tiiwee X1 Alarm System TWX1HAKV2 allows Authentication Bypass by Capture-replay, leading to physical Access to the protected facilities without triggering an alarm...

AI score 7.4 · EPSS 0.00555
Exploits: 1 · References: 2

Positive Technologies
added 2025/05/17 12:0 a.m. · 3 views

PT-2025-21779 · Unknown · Tiiwee X1 Alarm System

Name of the Vulnerable Software and Affected Versions: Tiiwee X1 Alarm System version TWX1HAKV2 Description: The issue allows for authentication bypass through capture-replay, resulting in physical access to protected facilities without triggering an alarm. Recommendations: For Tiiwee X1 Alarm...

CVSS 7.6 · AI score 6.7 · EPSS 0.00555
Exploits: 1 · References: 7

RedhatCVE
added 2025/05/16 5:12 p.m. · 16 views

CVE-2025-47706

Authentication Bypass by Capture-replay vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Remote Services with Stolen Credentials. This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0...

CVSS 4.8 · AI score 7.2 · EPSS 0.00235
Exploits: 0 · References: 3

OSV
added 2025/05/14 5:15 p.m. · 4 views

CVE-2025-47706

Authentication Bypass by Capture-replay vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Remote Services with Stolen Credentials. This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0...

CVSS 4.8 · AI score 5.8 · EPSS 0.00235
Exploits: 0 · References: 1

Vulnrichment
added 2025/05/14 5:2 p.m. · 8 views

CVE-2025-47706 Enterprise MFA - TFA for Drupal - Moderately critical - Access bypass - SA-CONTRIB-2025-052

Authentication Bypass by Capture-replay vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Remote Services with Stolen Credentials. This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0...

AI score 5.3 · EPSS 0.00235
Exploits: 0 · References: 1