Lucene search
K

324 matches found

OSV
OSV
added 2021/04/12 5:15 p.m.2 views

CVE-2020-15734

An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate the browser's file upload capability into accessing other files in the same directory or sub-directories. This issue affects: Bitdefender Safepay versions prior to 25.0.7.29...

5.5CVSS6.1AI score0.00157EPSS
Exploits0References1
NVD
NVD
added 2021/04/12 5:15 p.m.18 views

CVE-2020-15734

An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate the browser's file upload capability into accessing other files in the same directory or sub-directories. This issue affects: Bitdefender Safepay versions prior to 25.0.7.29...

5.5CVSS0.00157EPSS
Exploits0References1
Prion
Prion
added 2021/04/12 5:15 p.m.21 views

Design/Logic Flaw

An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate the browser's file upload capability into accessing other files in the same directory or sub-directories. This issue affects: Bitdefender Safepay versions prior to 25.0.7.29...

2.1CVSS5.5AI score0.00157EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/04/12 4:50 p.m.18 views

CVE-2020-15734 Same-origin policy vulnerability in Bitdefender Safepay

An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate the browser's file upload capability into accessing other files in the same directory or sub-directories. This issue affects: Bitdefender Safepay versions prior to 25.0.7.29...

5.5CVSS5.5AI score0.00157EPSS
Exploits0References1
OSV
OSV
added 2020/12/14 5:15 p.m.4 views

CVE-2020-15733

An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus allows a web resource to misrepresent itself in the URL bar. This issue affects: Bitdefender Antivirus Plus versions prior to 25.0.7.29...

6.5CVSS6.6AI score0.00566EPSS
Exploits0References1
Prion
Prion
added 2020/12/14 5:15 p.m.14 views

Input validation

An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus allows a web resource to misrepresent itself in the URL bar. This issue affects: Bitdefender Antivirus Plus versions prior to 25.0.7.29...

4.3CVSS6.4AI score0.00566EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/12/14 5:5 p.m.27 views

CVE-2020-15733 URL Spoofing Vulnerability in Bitdefender SafePay (VA-8958)

An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus allows a web resource to misrepresent itself in the URL bar. This issue affects: Bitdefender Antivirus Plus versions prior to 25.0.7.29...

6.5CVSS6.4AI score0.00566EPSS
Exploits0References1
CVE
CVE
added 2020/12/14 5:5 p.m.50 views

CVE-2020-15733

CVE-2020-15733 describes an Origin Validation Error in Bitdefender Antivirus Plus’s SafePay component that allows a web resource to misrepresent itself in the browser URL bar. Connected documents confirm the vulnerability affects Bitdefender Antivirus Plus versions prior to 25.0.7.29. The root ca...

6.5CVSS6.3AI score0.00566EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2020/08/07 1:15 p.m.5 views

CVE-2020-16168

Origin Validation Error in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors...

6.5CVSS6.6AI score0.00648EPSS
Exploits1References2
NVD
NVD
added 2020/08/07 1:15 p.m.15 views

CVE-2020-16168

Origin Validation Error in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors...

6.5CVSS6.4AI score0.00648EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/08/07 12:20 p.m.24 views

CVE-2020-16168

Origin Validation Error in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors...

6.4AI score0.00648EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2020/08/03 2:12 p.m.165 views

Exploit for Origin Validation Error in Solarwinds Dameware_Mini_Remote_Control

CVE-2019-3980 This repo was created to utilize the Nessus POC...

10CVSS9.5AI score0.0518EPSS
Exploits4
Cvelist
Cvelist
added 2018/10/08 3:0 p.m.23 views

CVE-2018-5400 The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices, resulting in an origin validation error

The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices. The originating device sends a message in plaintext, 48:65:6c:6c:6f:20:57:6f:72:6c:64, "Hello World" over UDP ports 44444-44446 to the broadcast...

9.1CVSS9.2AI score0.00742EPSS
Exploits0References2
CERT
CERT
added 2018/10/06 12:0 a.m.551 views

Auto-Maskin DCU 210E RP 210E and Marine Pro Observer App

Overview Auto-Maskin RP remote panels and DCU controls units are used to monitor and control ship engines. The units have several authentication and encryption vulnerabilities which can allow attackers to access the units and control connected engines. Description CWE 798: ​Use of Hard-Coded...

10CVSS8.1AI score0.02095EPSS
Exploits0
Prion
Prion
added 2018/05/15 10:29 p.m.17 views

Input validation

In Advantech WebAccess versions V8.220170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an origin validation error vulnerability has been identified, which may...

2.6CVSS6.7AI score0.00645EPSS
Exploits0References2Affected Software4
NVD
NVD
added 2018/05/15 10:29 p.m.18 views

CVE-2018-10591

In Advantech WebAccess versions V8.220170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an origin validation error vulnerability has been identified, which may...

6.1CVSS6.8AI score0.00645EPSS
Exploits0References2
OSV
OSV
added 2018/05/15 10:29 p.m.5 views

CVE-2018-10591

In Advantech WebAccess versions V8.220170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an origin validation error vulnerability has been identified, which may...

6.1CVSS5.7AI score0.00645EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/05/15 10:0 p.m.21 views

CVE-2018-10591

In Advantech WebAccess versions V8.220170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an origin validation error vulnerability has been identified, which may...

6.2AI score0.00645EPSS
Exploits0References2
CVE
CVE
added 2018/05/15 10:0 p.m.60 views

CVE-2018-10591

CVE-2018-10591 is an origin-validation error affecting Advantech WebAccess family (WebAccess, Dashboard, Scada Node, NMS) prior to specific versions. The issue could let an attacker craft a malicious site, steal session cookies, and access data of authenticated users. Connected documents confirm ...

6.1CVSS6.1AI score0.00645EPSS
Exploits0References2Affected Software1
KoreLogic Security
KoreLogic Security
added 2017/09/25 12:0 a.m.12 views

Solarwinds LEM Insecure Update Process

Vulnerability Details Affected Vendor: Solarwinds Affected Product: Multiple Affected Version: Multiple Platform: Embedded Linux CWE Classification: CWE-284: Improper Access Control, CWE-346: Origin Validation Error Impact: Counterfeit Product Downloads Attack vector: HTTP 2. Vulnerability...

0.1AI score
Exploits0
Rows per page
Query Builder