Lucene search
K

217 matches found

Positive Technologies
Positive Technologies
added 2021/08/08 12:0 a.m.10 views

PT-2021-7393 · Usbredir +5 · Usbredir +5

Name of the Vulnerable Software and Affected Versions: usbredir versions prior to 0.11.0 Description: A use-after-free issue was found in the usbredirparser serialize function in usbredirparser/usbredirparser.c. This occurs when serializing large amounts of buffered write data, particularly in...

6.6CVSS6.9AI score0.00309EPSS
Exploits0References36
CNNVD
CNNVD
added 2021/08/03 12:0 a.m.5 views

Liferay Portal 和 Liferay DXP 输入验证错误漏洞

Liferay Portal and Liferay DXP are both products of Liferay, a J2EE-based portal solution that uses EJB and JMS technologies and serves as a web publishing and shared workspace, enterprise collaboration platform, social network, etc. Liferay DXP is a digital experience collaboration platform...

6.1CVSS5.7AI score0.00977EPSS
Exploits0References2
Hacker One
Hacker One
added 2021/03/25 2:57 a.m.11 views

New Relic: User without "View/Modify/Delete" permissions on "Destinations" can view/modify & delete Destinations

@archangel reported that an elevation-of-privilege in the Destinations functions could have allowed a user to view Destinations without having the rights to do so due to an IDOR Incorrect Direct Object Reference...

6.7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2021/02/24 3:43 p.m.3 views

Mozilla: Content Security Policy violation report could have contained the destination of a redirect

If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affects Firefox 86,...

4.3CVSS7.2AI score0.01212EPSS
Exploits0References5
OSV
OSV
added 2020/11/18 7:15 p.m.6 views

CVE-2020-3482

A vulnerability in the Traversal Using Relays around NAT TURN server component of Cisco Expressway software could allow an unauthenticated, remote attacker to bypass security controls and send network traffic to restricted destinations. The vulnerability is due to improper validation of specific...

6.5CVSS6.6AI score0.01361EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2020/07/31 8:41 p.m.7 views

map.adventurousdestinations.com Cross Site Scripting vulnerability OBB-1245097

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Fedora
Fedora
added 2020/03/27 10:46 a.m.18 views

[SECURITY] Fedora 30 Update: tor-0.4.2.7-1.fc30

The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than makin g a direct connection, thus allowing both organizations and...

2.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/03/19 3:38 p.m.11 views

destinations-travel-namibia.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1120867 Security Researcher osvaldohp Helped patch 1 vulnerabilities Received 0 Coordinated Disclosure badges , found a security vulnerability affecting destinations-travel-namibia.com website and its users. Following coordinated and responsible vulnerability disclosure...

0.1AI score
Exploits0
Prion
Prion
added 2019/12/27 5:15 p.m.15 views

Code injection

Samsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send arbitrary SMS texts to arbitrary destinations without permission...

2.1CVSS7.1AI score0.00295EPSS
Exploits0References2Affected Software2
Openbugbounty
Openbugbounty
added 2019/12/08 9:50 a.m.6 views

wedding-destinations.focus.tv Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1033386 Security Researcher devl00p Helped patch 3021 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting...

0.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2019/10/09 10:51 p.m.27 views

CVE-2018-10928

A flaw was found in RPC request using gfs3symlinkreq in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on...

8.8CVSS2.4AI score0.02699EPSS
Exploits0References2
CNVD
CNVD
added 2019/09/11 12:0 a.m.4 views

CentOS Web Panel Input Validation Error Vulnerability

CentOS Web Panel CWP is a free web hosting control panel. An input validation error vulnerability exists in CentOS Web Panel version 0.9.8.851, which can be exploited by an attacker to remove email forwarding destinations from an affected user's account...

6.5CVSS6.9AI score0.01787EPSS
Exploits2References1
Prion
Prion
added 2018/09/04 3:29 p.m.19 views

Design/Logic Flaw

A flaw was found in RPC request using gfs3symlinkreq in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on...

6.5CVSS8.6AI score0.02699EPSS
Exploits0References8Affected Software7
Openbugbounty
Openbugbounty
added 2018/08/08 11:9 p.m.8 views

westgatedestinations.com XSS vulnerability

Open Bug Bounty ID: OBB-661032 Description| Value ---|--- Affected Website:| westgatedestinations.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/07/13 12:2 p.m.9 views

madamevacances.com XSS vulnerability

Open Bug Bounty ID: OBB-646362 Description| Value ---|--- Affected Website:| madamevacances.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/05/29 4:35 a.m.13 views

iacworldwide.com XSS vulnerability

Open Bug Bounty ID: OBB-623992 Description| Value ---|--- Affected Website:| iacworldwide.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Cvelist
Cvelist
added 2018/03/14 5:0 p.m.26 views

CVE-2018-0883

Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how file copy destinations...

6.8AI score0.15092EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2018/01/24 8:7 p.m.10 views

wired-destinations.com XSS vulnerability

Open Bug Bounty ID: OBB-543619 Description| Value ---|--- Affected Website:| wired-destinations.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/12/01 3:19 a.m.13 views

finaldestinations.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-446027 Description| Value ---|--- Affected Website:| finaldestinations.co.uk Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...

6.3AI score
Exploits0
OSV
OSV
added 2017/11/27 10:29 a.m.6 views

CVE-2017-14390

In Cloud Foundry Foundation cf-deployment v0.35.0, a misconfiguration with Loggregator and syslog-drain causes logs to be drained to unintended locations...

7.5CVSS5.8AI score0.01426EPSS
Exploits0References2
Rows per page
Query Builder