Lucene search
K

569 matches found

Vulnerability Lab
Vulnerability Lab
added 2018/01/04 12:0 a.m.31 views

Wickr Inc - App Clock & Message Deletion Glitch P2

Document Title: =============== Wickr Inc - App Clock & Message Deletion Glitch P2 References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2107 Document: https://www.vulnerability-lab.com/resources/documents/2107.rar Vulnerability Magazine:...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2018/01/04 12:0 a.m.31 views

Wickr Inc - App Clock & Message Deletion Glitch P2

Document Title: =============== Wickr Inc - App Clock & Message Deletion Glitch P2 References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2107 Document: https://www.vulnerability-lab.com/resources/documents/2107.rar Vulnerability Magazine:...

Exploits0
CVE
CVE
added 2017/11/23 9:0 p.m.57 views

CVE-2017-13701

Affected product: MOXA EDS-G512E (5.1 build 16072215). Issue: backup files store passwords without salt and with an insecure, timestamped ciphering method, enabling exposure of credentials. Impact: high confidentiality and integrity concerns; CVSS-3.0 base score 9.8 (CRITICAL), network attack vec...

9.8CVSS9.3AI score0.01555EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/07/17 7:29 p.m.12 views

CVE-2017-3742

In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and 4.2.5.3071 for Android, when an ad-hoc connection is made between two systems for the purpose of sharing files, the password for this ad-hoc connection will be stored in a user-readable location. An attacker with read access to t...

4.8CVSS4.9AI score0.00483EPSS
Exploits0References1
Veracode
Veracode
added 2017/05/03 2:6 a.m.14 views

Insecure Storage Of Cache Files

RuboCop does not store cache files securely. It stores the cache files in \tmp, where a malicious local user can tamper with cache files belonging to other users...

3.3CVSS4.2AI score0.00409EPSS
Exploits1References3Affected Software1
Veracode
Veracode
added 2017/04/27 7:13 a.m.500 views

Information Disclosure

github.com/openshift/origin is vulnerable to information disclosure. When a pod is used with the --credentials option is used, a local attacker can get private key information by reading the systemd journal. This is because when the --credential option is enabled, the router credentials are store...

5.1CVSS4.9AI score0.00369EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2016/10/17 12:0 a.m.1 views

MicroMail Email Client for Android - Gesture Password Insecure Storage Vulnerability

Micro Mail is a multi-mailbox management mobile client, mobile office tools for personal and business users. Micro Mail Mail Client for Android - There is an insecure storage vulnerability for gesture passwords, when a user uses a gesture password, the password is stored in plaintext and can be...

6.9AI score
Exploits0
Exploit DB
Exploit DB
added 2016/09/08 12:0 a.m.38 views

Jobberbase 2.0 - Multiple Vulnerabilities

Jobberbase: http://www.jobberbase.com/ Version: 2.0 By Ross Marks: http://www.rossmarks.co.uk 1 Local path disclosure - change any variable to an array and in most cases it will tell you the local path where the application is installed eg...

7.4AI score
Exploits0
NVD
NVD
added 2016/06/10 1:59 a.m.17 views

CVE-2016-4524

ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords in unspecified temporary circumstances, which allows local users to obtain sensitive information via unknown vectors...

6.5CVSS6.1AI score0.00285EPSS
Exploits0References1
Cvelist
Cvelist
added 2016/06/10 1:0 a.m.29 views

CVE-2016-4524

ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords in unspecified temporary circumstances, which allows local users to obtain sensitive information via unknown vectors...

6.1AI score0.00285EPSS
Exploits0References1
Hacker One
Hacker One
added 2015/04/23 6:13 p.m.151 views

Whisper: Insecure Local Data Storage : Application stores data using a binary sqlite database

Android provides several options for developers to save persistent application data. The local DB should store data depending on whether the data should be private to your application or accessible to other applications and users. In any case, sensible data always have to be encrypted to avoid...

3.9AI score
Exploits0
OpenVAS
OpenVAS
added 2015/03/10 12:0 a.m.47 views

Loxone Smart Home Multiple Vulnerabilities (Mar 2015)

Loxone Smart Home is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:loxone:miniserverfirmware...

7.3AI score
Exploits0References1
ICS
ICS
added 2015/01/01 7:0 a.m.75 views

Inductive Automation Ignition Vulnerabilities

OVERVIEW Evgeny Druzhinin, Alexey Osipov, Ilya Karpov, and Gleb Gritsai of Positive Technologies have identified several vulnerabilities in Inductive Automation’s Ignition Software. Inductive Automation has produced a patch that mitigates these vulnerabilities. These vulnerabilities could be...

6.4CVSS9.7AI score0.02266EPSS
Exploits0References10
securityvulns
securityvulns
added 2014/10/15 12:0 a.m.87 views

[CVE- Requested][Vembu Storegrid - Multiple Critical Vulnerabilities]

Advisory Overview Multiple vulnerabilities exist in the Vembu Storegrid Backup and Disaster Recovery solution affecting both the client and server software see Additional Information section include but are not limited to reflected XSS, source code/sensitive information disclosure, privilege...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/08/01 12:0 a.m.25 views

Tridium Niagara AX Web Server < 3.5.40.3 / 3.6 < 3.6.47.3 Multiple Vulnerabilities

Binary data 8348.prm...

7.8CVSS6.8AI score0.02542EPSS
Exploits0References6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Philips VOIP841 (Firmware <= 1.0.4.800) Multiple Vulnerabilities

No description provided by source. .: Philips VOIP841 Multiple Vulnerabilities :. Luca ikki Carettoni - [email protected] Systems affected: Philips VOIP841, Firmware Version 1.0.4.50 and 1.0.4.80, Web Server Version 1.5 simple httpd Systems not affected: n/a a Hidden Administration...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2014/01/19 12:0 a.m.36 views

Starbucks mobile application information leakage

Insecure user data storing...

2.1CVSS2.2AI score0.0038EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2014/01/19 12:0 a.m.56 views

[CVE-2014-0647] Insecure Data Storage of User Data Elements in Starbucks v2.6.1 iOS mobile application

Title: CVE-2014-0647 Insecure Data Storage of User Data Elements in Starbucks v2.6.1 iOS mobile application Published: January 13, 2014 Reported to Vendor: December 2013 no direct response CVE Reference: CVE-2014-0647 Credit: This issue was discovered by Daniel E. Wood...

2.1CVSS0.1AI score0.0038EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2014/01/15 5:45 p.m.5 views

PicketBox: Insecure storage of masked passwords

PicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users to obtain the admin encryption key by reading the Vault data file...

1.9CVSS5.8AI score0.00239EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/12/18 12:0 a.m.59 views

LiveZilla < 5.1.2.1 Multiple Vulnerabilities

The version of LiveZilla hosted on the remote web server is affected by multiple vulnerabilities : - The application is affected by multiple cross-site scripting XSS vulnerabilities because it fails to properly sanitize user-supplied input. Note that CVE-2013-7003 was reportedly fixed in version...

7.5CVSS5.6AI score0.01854EPSS
Exploits4References6
Rows per page
Query Builder