1307 matches found

Positive Technologies
added 2023/11/07 12:0 a.m. · 6 views

PT-2023-18480

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue involves memory corruption in a multi-mode call processor when processing a bit mask API. Recommendations: At the moment, there is no information about a newer version that...

9.8 CVSS · 9.1 AI score · 0.00353 EPSS
Exploits 0 · References 3
HackRead
added 2023/10/23 5:15 p.m. · 18 views

Google Chrome to Mask User IP Addresses to Protect Privacy

By Waqas. The feature is called IP Protection, and it's important to note that it is not a VPN. A VPN encrypts all of a user's traffic, while IP Protection only masks their IP address. This is a post from HackRead.com. Read the original post: Google Chrome to Mask User IP Addresses to Protect Priva...

6.9 AI score
Exploits 0
ATTACKERKB
added 2023/10/19 8:15 p.m. · 7 views

CVE-2023-30633

An issue was discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel 5.0 through 5.5. It can report false TPM PCR values, and thus mask malware activity. Devices use Platform Configuration Registers (PCRs) to record information about device and software configuration to ensure that the boot...

6.1 CVSS · 6.1 AI score · 0.00733 EPSS
Exploits 0 · References 3
ATTACKERKB
added 2023/10/19 10:15 a.m. · 4 views

CVE-2022-25333

The Texas Instruments OMAP L138 secure variants trusted execution environment (TEE) performs an RSA check implemented in mask ROM when loading a module through the SKLOAD routine. However, only the module header authenticity is validated. An adversary can re-use any correctly signed header and appe...

8.8 CVSS · 7.3 AI score · 0.0013 EPSS
Exploits 0 · References 2
Prion
added 2023/10/19 10:15 a.m. · 27 views

Code injection

The Texas Instruments OMAP L138 secure variants trusted execution environment (TEE) performs an RSA check implemented in mask ROM when loading a module through the SKLOAD routine. However, only the module header authenticity is validated. An adversary can re-use any correctly signed header and appe...

4.3 CVSS · 6.9 AI score · 0.0013 EPSS
Exploits 0 · References 1
Prion
added 2023/10/19 10:15 a.m. · 25 views

Design/Logic Flaw

The AES implementation in the Texas Instruments OMAP L138 secure variants, present in mask ROM, suffers from a timing side channel which can be exploited by an adversary with non-secure supervisor privileges by managing cache contents and collecting timing information for different ciphertext...

0.8 CVSS · 5.9 AI score · 0.00099 EPSS
Exploits 0 · References 1
CNNVD
added 2023/10/13 12:0 a.m. · 5 views

Xen Security Vulnerabilities

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen that...

5.5 CVSS · 6.4 AI score · 0.00256 EPSS
Exploits 0 · References 7
OSV
added 2023/10/12 7:49 a.m. · 4 views

SUSE-SU-2023:4054-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-34323: A transaction conflict can crash C Xenstored (XSA-440, bsc1215744) - CVE-2023-34326: Missing IOMMU TLB flushing (XSA-442, bsc1215746) - CVE-2023-34325: Multiple vulnerabilities in libfsimage disk handling (XSA-443, bsc1215747) -...

7.8 CVSS · 6.7 AI score · 0.00289 EPSS
Exploits 0 · References 10
Tenable Nessus
added 2023/10/12 12:0 a.m. · 34 views

Xen: x86/AMD: Debug Mask handling (XSA-444)

AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of the guest state, leading to denials of service. - CVE-2023-34327 - An HVM vCPU can end up operating in the context of a previo...

10 CVSS · 6.5 AI score · 0.02501 EPSS
Exploits 0 · References 3
Xen Project
added 2023/10/10 12:0 p.m. · 58 views

x86/AMD: Debug Mask handling

ISSUE DESCRIPTION: AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of the guest state, leading to denials of service. 1. CVE-2023-34327 - An HVM vCPU can end up operating in the...

5.5 CVSS · 6.6 AI score · 0.00256 EPSS
Exploits 0 · Affected Software 1
ATTACKERKB
added 2023/09/13 10:15 p.m. · 4 views

CVE-2023-41162

A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down...

6.1 CVSS · 5.9 AI score · 0.00424 EPSS
Exploits 0 · References 3
OSV
added 2023/09/13 10:15 p.m. · 19 views

CVE-2023-41162

A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down...

6.1 CVSS · 6 AI score · 0.00424 EPSS
Exploits 0 · References 2
NVD
added 2023/09/13 10:15 p.m. · 15 views

CVE-2023-41162

A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down...

6.1 CVSS · 6.1 AI score · 0.00424 EPSS
Exploits 0 · References 2
Prion
added 2023/09/13 10:15 p.m. · 19 views

Cross site scripting

A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down...

5.8 CVSS · 6 AI score · 0.00424 EPSS
Exploits 0 · References 2 · Affected Software 1
Vulnrichment
added 2023/09/13 12:0 a.m. · 15 views

CVE-2023-41162

A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down...

5.9 AI score · 0.00424 EPSS
Exploits 0 · References 2
Positive Technologies
added 2023/09/13 12:0 a.m. · 1 views

PT-2023-9853 · Tcpreplay +3

Name of the Vulnerable Software and Affected Versions: Tcpreplay version 4.4.4 Description: The issue is related to a null pointer dereference in the mask cidr6 component at cidr.c in Tcpreplay. This allows attackers to crash the application via a crafted tcprewrite command, potentially leading t...

7.8 CVSS · 7.6 AI score · 0.01506 EPSS
Exploits 9 · References 55
Positive Technologies
added 2023/09/13 12:0 a.m. · 6 views

PT-2023-27838 · Usermin

Name of the Vulnerable Software and Affected Versions: Usermin version 2.000 Description: A Reflected Cross-site scripting (XSS) issue exists in the file manager tab, allowing remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down...

6.1 CVSS · 6.1 AI score · 0.00424 EPSS
Exploits 0 · References 5
GithubExploit
added 2023/08/03 9:39 a.m. · 576 views

Exploit for Missing Authorization in Content_Mask_Project Content_Mask

CVE-2022-1203 Content Mask 1.8.4 - Subscriber+ Arbitrary...

4.3 CVSS · 4.6 AI score · 0.01052 EPSS
Exploits 3
OSV
added 2023/07/06 3:15 p.m. · 3 views

CVE-2023-25122

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2 CVSS · 6.3 AI score · 0.01318 EPSS
Exploits 1 · References 2
OSV
added 2023/07/06 3:15 p.m. · 6 views

CVE-2023-25119

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2 CVSS · 6.3 AI score · 0.01318 EPSS
Exploits 1 · References 2