Lucene search
K

183 matches found

Packet Storm
Packet Storm
added 2020/12/14 12:0 a.m.380 views

MiniWeb HTTP Server 0.8.19 Buffer Overflow

Exploit Title: MiniWeb HTTP Server 0.8.19 - Buffer Overflow PoC Date: 13.12.2020 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://sourceforge.net/projects/miniweb/ Software Link:...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/14 12:0 a.m.503 views

MiniWeb HTTP Server 0.8.19 - Buffer Overflow (PoC)

Exploit Title: MiniWeb HTTP Server 0.8.19 - Buffer Overflow PoC Date: 13.12.2020 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://sourceforge.net/projects/miniweb/ Software Link:...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/11/24 12:0 a.m.4 views

Unspecified Vulnerability in Various Apple Products (CNVD-2020-67608)

Apple watchOS is an operating system for smartwatches.Apple iPadOS is an operating system for iPad tablets.Apple macOS Catalina is a specialized operating system developed for Mac computers. A security vulnerability exists in a number of Apple products that stems from the fact that spaced-drop...

5.3CVSS4.9AI score0.00953EPSS
Exploits0References1
OSV
OSV
added 2020/10/27 9:15 p.m.3 views

CVE-2019-8796

A logic issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, iOS 12.4.3, watchOS 6.1, iOS 13.2 and iPadOS 13.2. AirDrop transfers may be unexpectedly accepted while in Everyone mode...

5.3CVSS6AI score0.00953EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/10/27 8:57 p.m.33 views

CVE-2019-8796

A logic issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, iOS 12.4.3, watchOS 6.1, iOS 13.2 and iPadOS 13.2. AirDrop transfers may be unexpectedly accepted while in Everyone mode...

5.3AI score0.00953EPSS
Exploits0References4
CNVD
CNVD
added 2020/10/22 12:0 a.m.1 views

Command Execution Vulnerability in Everyone Piano Windows Client

Everyone Piano is a piano simulation software that combines piano learning and entertainment. A command execution vulnerability exists in the Everyone Piano windows client, which can be exploited by an attacker to gain control of the server...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/10/15 12:0 a.m.18 views

Guild Wars 2 - Insecure Folder Permissions Vulnerability

Exploit Title: Guild Wars 2 - Insecure Folder Permissions Exploit Author: George Tsimpidas Software Link : https://account.arena.net/welcome Version Build : 106915 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Category: local Vulnerability Description: Guild Wars 2 Launcher...

7.4AI score
Exploits0
Prion
Prion
added 2020/09/24 11:15 p.m.12 views

Privilege escalation

ActFax Version 7.10 Build 0335 2020-05-25 is susceptible to a privilege escalation vulnerability due to insecure folder permissions on %PROGRAMFILES%\ActiveFax\Client, %PROGRAMFILES%\ActiveFax\Install\ and %PROGRAMFILES%\ActiveFax\Terminal. The folder permissions allow "Full Control" to...

4.4CVSS7.2AI score0.00398EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/12/02 2:15 a.m.3 views

CVE-2019-19490

LiteManager 4.5.0 has weak permissions Everyone: Full Control in the "LiteManagerFree - Server" folder, as demonstrated by ROMFUSClient.exe...

7.3CVSS7.1AI score0.00401EPSS
Exploits1References1
OSV
OSV
added 2019/10/07 10:15 p.m.4 views

CVE-2019-16913

PC Protect Antivirus v4.14.31 installs by default to %PROGRAMFILESX86%\PCProtect with very weak folder permissions, granting any user full permission "Everyone: F" to the contents of the directory and its subfolders. In addition, the program installs a service called SecurityService that runs as...

7.8CVSS7.1AI score0.00421EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2019/09/16 11:24 a.m.51 views

WhatsApp 'Delete for Everyone' Doesn't Delete Media Files Sent to iPhone Users

Telegram messenger patches a privacy flaw in its "delete for everyone" feature that was not actually deleting shared images from the recipients' devices stored under "/Telegram/Telegram Images/" folder; instead was only deleting it from the chat screen...

3.2AI score
Exploits0
The Hacker News
The Hacker News
added 2019/09/16 11:24 a.m.3 views

WhatsApp 'Delete for Everyone' Doesn't Delete Media Files Sent to iPhone Users

Telegram messenger patches a privacy flaw in its "delete for everyone" feature that was not actually deleting shared images from the recipients' devices stored under "/Telegram/Telegram Images/" folder; instead was only deleting it from the chat screen.https://t.co/JNgfUsNYYL...

6.7AI score
Exploits0
OSV
OSV
added 2019/08/12 12:15 a.m.4 views

CVE-2019-14935

3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows\PhoneApp" installation directory, allowing Full Control access for Everyone, and leading to privilege escalation because of a StartUp link...

7.8CVSS7.1AI score0.00369EPSS
Exploits1References1
Prion
Prion
added 2019/05/21 9:29 p.m.26 views

Design/Logic Flaw

OpenText Brava! Enterprise and Brava! Server 7.5 through 16.4 configure excessive permissions by default on Windows. During installation, a displaylistcache file share is created on the Windows server with full read and write permissions for the Everyone group at both the NTFS and Share levels. T...

6.8CVSS7.3AI score0.01518EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/05/21 9:29 p.m.7 views

CVE-2019-12270

OpenText Brava! Enterprise and Brava! Server 7.5 through 16.4 configure excessive permissions by default on Windows. During installation, a displaylistcache file share is created on the Windows server with full read and write permissions for the Everyone group at both the NTFS and Share levels. T...

7.4CVSS7.1AI score0.01518EPSS
Exploits0References1
OSV
OSV
added 2019/03/21 4:0 p.m.4 views

CVE-2018-18435

KioWare Server version 4.9.6 and older installs by default to "C:\kiowarecom" with weak folder permissions granting any user full permission "Everyone: F" to the contents of the directory and it's sub-folders. In addition, the program installs a service called "KWSService" which runs as...

7.8CVSS5.8AI score0.01375EPSS
Exploits5References5
The Hacker News
The Hacker News
added 2019/02/06 7:36 a.m.3 views

How to Delete Accidentally Sent Messages, Photos on Facebook Messenger

Ever sent a message on Facebook Messenger then immediately regretted it, or an embarrassing text to your boss in the heat of the moment at late night, or maybe accidentally sent messages or photos to a wrong group chat? Of course, you have. We have all been through drunk texts and embarrassing...

6.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/12/10 5:39 p.m.9 views

hotels-for-everyone.com XSS vulnerability

Open Bug Bounty ID: OBB-709875 Description| Value ---|--- Affected Website:| hotels-for-everyone.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...

0.1AI score
Exploits0
Prion
Prion
added 2018/10/11 9:29 p.m.19 views

Default configuration

The CorsairService Service in Corsair Utility Engine is installed with insecure default permissions, which allows unprivileged local users to execute arbitrary commands via modification of the CorsairService BINARYPATHNAME, leading to complete control of the affected system. The issue exists due ...

7.2CVSS7.8AI score0.00535EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/10/11 9:29 p.m.21 views

CVE-2018-12441

The CorsairService Service in Corsair Utility Engine is installed with insecure default permissions, which allows unprivileged local users to execute arbitrary commands via modification of the CorsairService BINARYPATHNAME, leading to complete control of the affected system. The issue exists due ...

7.8CVSS7.9AI score0.00535EPSS
Exploits0References1
Rows per page
Query Builder