Lucene search
K

163 matches found

OSV
OSV
added 2021/08/02 9:15 p.m.11 views

CVE-2021-21866

A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation.ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigge...

7.8CVSS5.9AI score0.01671EPSS
Exploits1References3
Hacker One
Hacker One
added 2021/07/26 4:43 p.m.27 views

Rockstar Games: Uninstalling Rockstar Games Launcher for Windows (64-bit), then reinstalling keeps you logged in without authentication

In this report, the researcher identified a potential weakness in Rockstar Games Launcher that caused the application to retain profile data on the local machine, even after the application was uninstalled. This included auto sign-in flags, resulting in automatic sign-ins when reinstalling Rockst...

2AI score
Exploits0
CNNVD
CNNVD
added 2021/07/26 12:0 a.m.7 views

3s-smart Software Solutions CODESYS Development System代码问题漏洞

3s-smart Software Solutions CODESYS Development System is a suite of programming tools for the field of industrial controllers and automation technology from 3S-Smart Software Solutions 3s-smart Software Solutions, Germany. A code issue vulnerability exists in the ObjectManager.plugin...

8.8CVSS8.1AI score0.01671EPSS
Exploits1References5
The Hacker News
The Hacker News
added 2021/01/26 11:0 a.m.5 views

TikTok Bug Could Have Exposed Users' Profile Data and Phone Numbers

Cybersecurity researchers on Tuesday disclosed a now-patched security flaw in TikTok that could have potentially enabled an attacker to build a database of the app's users and their associated phone numbers for future malicious activity. Although this flaw only impacts those users who have linked...

5.8AI score
Exploits0
ThreatPost
ThreatPost
added 2021/01/11 9:54 p.m.43 views

Millions of Social Profiles Leaked by Chinese Data-Scrapers

More than 400GB of public and private profile data for 214 million social-media users from around the world has been exposed to the internet – including details for celebrities and social-media influencers in the U.S. and elsewhere. The leak stems from a misconfigured ElasticSearch database owned...

0.1AI score
Exploits0References6
CNNVD
CNNVD
added 2020/12/10 12:0 a.m.8 views

GitLab Information Disclosure Vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab that originates...

4.3CVSS5.8AI score0.00815EPSS
Exploits0References3
OSV
OSV
added 2020/10/14 2:15 p.m.2 views

CVE-2020-0419

In generateInfo of PackageInstallerSession.java, there is a possible leak of cross-profile URI data during app installation due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS6.7AI score0.00155EPSS
Exploits0References1
NVD
NVD
added 2020/09/11 5:15 p.m.18 views

CVE-2020-1523

A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data. To exploit the vulnerability, an attacker would need to be authenticated on an affected...

8.9CVSS0.02174EPSS
Exploits1References1
OSV
OSV
added 2020/09/11 5:15 p.m.1 views

CVE-2020-1523

A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data. To exploit the vulnerability, an attacker would need to be authenticated on an affected...

8.9CVSS7.3AI score0.02174EPSS
Exploits1References1
OSV
OSV
added 2020/09/11 5:15 p.m.2 views

CVE-2020-1440

A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data. To exploit the vulnerability, an attacker would need to be authenticated on an affected...

6.3CVSS6.8AI score0.01773EPSS
Exploits1References1
NVD
NVD
added 2020/09/11 5:15 p.m.17 views

CVE-2020-1440

A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data. To exploit the vulnerability, an attacker would need to be authenticated on an affected...

6.3CVSS0.01773EPSS
Exploits1References1
Prion
Prion
added 2020/09/11 5:15 p.m.19 views

Code injection

A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data. To exploit the vulnerability, an attacker would need to be authenticated on an affected...

4CVSS6.8AI score0.02174EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/11 5:15 p.m.21 views

Code injection

A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data. To exploit the vulnerability, an attacker would need to be authenticated on an affected...

4CVSS6.8AI score0.01773EPSS
Exploits1References1Affected Software2
CNVD
CNVD
added 2020/09/10 12:0 a.m.2 views

Microsoft SharePoint Server Tampering Vulnerability

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A security...

6.3CVSS6.6AI score0.01773EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2020/09/08 7:0 a.m.33 views

Microsoft SharePoint Server Tampering Vulnerability

A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data. To exploit the vulnerability, an attacker would need to be authenticated on an affected...

8.9CVSS1.8AI score0.02174EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2020/09/08 7:0 a.m.44 views

Microsoft SharePoint Server Tampering Vulnerability

A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data. To exploit the vulnerability, an attacker would need to be authenticated on an affected...

6.3CVSS1.8AI score0.01773EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2020/09/08 12:0 a.m.4 views

PT-2020-4034 · Microsoft · Sharepoint Foundation +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Foundation affected versions not specified Microsoft SharePoint Enterprise Server affected versions not specified Description: The issue is related to insufficie...

8.9CVSS8.2AI score0.02174EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2020/09/08 12:0 a.m.3 views

PT-2020-4036 · Microsoft · Sharepoint Foundation +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Foundation affected versions not specified Microsoft SharePoint Enterprise Server affected versions not specified Description: A tampering issue exists due to...

6.3CVSS6.5AI score0.01773EPSS
Exploits1References5
OSV
OSV
added 2020/07/23 4:23 a.m.3 views

OPENSUSE-SU-2020:1042-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Mozilla Firefox 78.0.2 MFSA 2020-28 bsc1173948 MFSA-2020-0003 bmo1644076 X-Frame-Options bypass using object or embed tags - Firefox Extended Support Release 78.0.2esr ESR Fixed: Security fix Fixed: Fixed an accessibility regression in...

7.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/07/15 12:0 a.m.2 views

PT-2020-20579 · Silverstripe · Silverstripe

Name of the Vulnerable Software and Affected Versions: SilverStripe versions prior to 4.5 Description: The issue allows malicious users with a valid Silverstripe CMS login to craft profile information, leading to cross-site scripting XSS for other users through specially crafted login form URLs...

5.4CVSS5.2AI score0.00556EPSS
Exploits0References9
Rows per page
Query Builder