Lucene search
K

173 matches found

Positive Technologies
Positive Technologies
added 2020/10/09 12:0 a.m.10 views

PT-2025-11144

Name of the Vulnerable Software and Affected Versions: EdDSA-Java aka ed25519-java versions 0.3.0 and earlier Description: The implementation of EdDSA in EdDSA-Java exhibits signature malleability and does not satisfy the SUF-CMA property. This allows attackers to create new valid signatures...

4.3CVSS6.5AI score0.00133EPSS
Exploits0References30
OSV
OSV
added 2020/09/24 6:15 p.m.4 views

CVE-2020-3526

A vulnerability in the Common Open Policy Service COPS engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to crash a device. The vulnerability is due to insufficient input validation. An attacker could exploit this...

8.6CVSS7.3AI score0.01374EPSS
Exploits0References1
Hacker One
Hacker One
added 2020/09/06 7:7 p.m.21 views

Automattic: Permanent DoS with one click.

Summary: Hello Team, messages of a user who deletes their account leave DoS effects on another user. Platforms Affected: website/mobile app/service Steps To Reproduce & PoC: Before you start testing, create two accounts. [email protected] [email protected] Confirm e-mails to sen...

1.6AI score
Exploits0
OpenVAS
OpenVAS
added 2020/01/13 12:0 a.m.67 views

OTRS 6.0.x < 6.0.25, 7.0.x < 7.0.14 Message Vulnerability

OTRS is prone to a vulnerability where it is possible to send drafted messages as wrong agent. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS3.8AI score0.01241EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/09/17 7:19 p.m.31 views

CVE-2019-6840

A Format String: CWE-134 vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could allow an attacker to send a crafted messa...

9.4AI score0.01149EPSS
Exploits0References1
Prion
Prion
added 2019/07/18 10:15 p.m.21 views

Information disclosure

Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Information Exposure Through an Error Message vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user...

5CVSS7.6AI score0.03121EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/07/18 9:45 p.m.26 views

CVE-2019-7941

Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Information Exposure Through an Error Message vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user...

7.2AI score0.03121EPSS
Exploits0References1
CVE
CVE
added 2019/04/25 7:33 p.m.58 views

CVE-2018-14990

CVE-2018-14990 affects multiple Android devices (Coolpad Defiant, ZTE ZMAX Pro, T-Mobile Revvl Plus) due to a pre-installed Rich Communication Services (RCS) app. The vulnerable components include a package named com.suntek.mway.rcs.app.service (with a TestReceiver broadcast receiver) and a refac...

7.5CVSS7.4AI score0.01829EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2019/02/06 7:36 a.m.13 views

SUSE-SU-2019:0249-1 Security update for curl

This update for curl fixes the following issues: Security issues fixed: - CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP bsc1123378. - CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message...

9.8CVSS8.9AI score0.12771EPSS
Exploits2References7
Openbugbounty
Openbugbounty
added 2018/07/06 1:55 p.m.35 views

vtisk.si XSS vulnerability

Open Bug Bounty ID: OBB-641462 Description| Value ---|--- Affected Website:| vtisk.si Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
BDU FSTEC
BDU FSTEC
added 2017/07/14 12:0 a.m.10 views

The vulnerability of the RW-message structure in the Aerospike Database Server of the Oracle Database database management system allows a perpetrator to execute arbitrary code.

The vulnerability of the RW-message structure in the Aerospike Database Server of the Oracle Database database management system is related to unvalidated array indexing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code read from beyond the memory limit using a...

7.5CVSS8.2AI score0.07249EPSS
Exploits2References2Affected Software1
NVD
NVD
added 2017/07/07 12:29 a.m.16 views

CVE-2017-5001

EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information exposure through an error message vulnerability. A remote low privileged attacker may potentially exploit this vulnerability to use information disclosed in an error message to launch another more...

4.3CVSS4.5AI score0.01296EPSS
Exploits0References3
Prion
Prion
added 2015/09/18 12:0 p.m.23 views

Code injection

SpringBoard in Apple iOS before 9 allows physically proximate attackers to bypass a lock-screen preview-disabled setting, and reply to an audio message, via unspecified vectors...

2.1CVSS6AI score0.00352EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2014/12/22 12:0 a.m.58 views

Ekahau Real-Time Location Tracking System weak encryption

It's possible to read and generate messages...

4.3CVSS2.6AI score0.0136EPSS
Exploits1References1Affected Software1
exploitpack
exploitpack
added 2014/12/08 12:0 a.m.31 views

PBBoard CMS - Persistent Cross-Site Scripting

PBBoard CMS - Persistent Cross-Site Scripting Exploit Title : PBBoard CMS Stored xss vulnerability Author : Manish Kishan Tanwar Vendor : http://www.pbboard.info/ version affected: all Date : 7/12/2014 Discovered @ : INDISHELL Lab Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,jagrit...

6.8AI score
Exploits0
OSV
OSV
added 2014/01/23 9:55 p.m.8 views

CVE-2013-6933

The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13 through 2013.11.25, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a 1 space or 2 tab character at the beginning of an...

7.7AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/01/17 12:0 a.m.33 views

Scientific Linux Security Update : ruby on SL5.x i386/x86_64 (20130108)

It was found that certain methods did not sanitize file names before passing them to lower layer routines in Ruby. If a Ruby application created files with names based on untrusted input, it could result in the creation of files with different names than expected. CVE-2012-4522 It was found that...

5CVSS8.1AI score0.02772EPSS
Exploits3References4
Cvelist
Cvelist
added 2011/09/24 12:0 a.m.19 views

CVE-2011-3775

PHPfileNavigator 2.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xestion/varios/logs.inc.php and certain other files...

6.1AI score0.01242EPSS
Exploits0References4
CVE
CVE
added 2011/09/23 11:0 p.m.50 views

CVE-2011-3702

The vulnerability CVE-2011-3702 affects Ananta Gazelle 1.0. Affected software is Ananta Gazelle 1.0; exposure occurs via a direct request to a PHP file (e.g., modules/template.php) that reveals the installation path in an error message. This constitutes an information disclosure vulnerability, al...

5CVSS6.3AI score0.01335EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2010/02/19 5:30 p.m.27 views

Denial of service

Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.24.45, 8.0 before 8.04.44, 8.1 before 8.12.35, and 8.2 before 8.21.10, allows remote attackers to cause a denial of service page fault and device reload via a malformed DTLS message, aka Bug ID CSCtb64913...

7.8CVSS7.1AI score0.0297EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder