Lucene search
K

135 matches found

Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.6 views

PT-2025-36725

Name of the Vulnerable Software and Affected Versions: EN4TR devices affected versions not specified Description: A security issue exists in the protected mode of EN4TR devices. Sending specifically crafted messages during a Forward Close operation can cause the device to crash. Recommendations: ...

7.1CVSS5.9AI score0.00632EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 4:1 a.m.11 views

CVE-2012-1545

Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass Protected Mode or cause a denial of service memory corruption by leveraging access to a Low integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012...

5.8CVSS7AI score0.20092EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/06 12:0 a.m.24 views

Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d Authentication Bypass Using an Alternate Path or Channel (CVE-2023-4957)

A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the...

5.4CVSS5.7AI score0.00269EPSS
Exploits0References3
ICS
ICS
added 2023/12/05 7:0 a.m.27 views

Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION : Exploitable with adjacent access/low attack complexity Vendor : Zebra Technologies Equipment : ZTC Industrial ZT410, ZTC Desktop GK420d Vulnerability : Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful...

5.4CVSS5.1AI score0.00269EPSS
Exploits0References8
NVD
NVD
added 2023/10/11 2:15 p.m.28 views

CVE-2023-4957

A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the...

5.4CVSS5.6AI score0.00269EPSS
Exploits0References1
Prion
Prion
added 2023/10/11 2:15 p.m.22 views

Authentication flaw

A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the...

3.3CVSS4.9AI score0.00269EPSS
Exploits0References1
CVE
CVE
added 2023/10/11 1:21 p.m.53 views

CVE-2023-4957

CVE-2023-4957 affects Zebra Technologies ZTC industrial printers (ZT410) and GK420d desktop models. A authentication-bypass flaw allows an attacker on the same network to alter web-page credentials by sending a crafted POST to setvarsResults.cgi when the printer’s protected mode is disabled. Repo...

5.4CVSS4.7AI score0.00269EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/11 1:21 p.m.11 views

CVE-2023-4957 Authentication Bypass on Zebra ZTC

A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the...

5.4CVSS4.7AI score0.00269EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:19 a.m.1 views

SUSE CVE-2015-3081

Race condition in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allows attackers to bypass the Internet...

4.3CVSS6.9AI score0.11351EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.4 views

SUSE CVE-2018-5165

In 32-bit versions of Firefox, the Adobe Flash plugin setting for "Enable Adobe Flash protected mode" is unchecked by default even though the Adobe Flash sandbox is actually enabled. The displayed state is the reverse of the true setting, resulting in user confusion. This could cause users to...

5.3CVSS8.4AI score0.01673EPSS
Exploits1References11
Securelist
Securelist
added 2022/06/06 8:0 a.m.1632 views

CVE-2022-30190 (Follina) vulnerability in MSDT: description and counteraction

At the end of May, researchers from the naosec team reported a new zero-day vulnerability in Microsoft Support Diagnostic Tool MSDT that can be exploited using Microsoft Office documents. It allowed attackers to remotely execute code on Windows systems, while the victim could not even open the...

9.3CVSS7.9AI score0.99933EPSS
Exploits118
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/09/15 11:40 p.m.599 views

Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability

In August, Microsoft Threat Intelligence Center MSTIC identified a small number of attacks less than 10 that attempted to exploit a remote code execution vulnerability in MSHTML using specially crafted Microsoft Office documents. These attacks used the vulnerability, tracked as CVE-2021-40444, as...

6.8CVSS0.96843EPSS
Exploits38
Packet Storm
Packet Storm
added 2020/09/11 12:0 a.m.652 views

Microsoft Internet Explorer 11 Use-After-Free

Exploit Title: Internet Explorer 11 - Use-After-Free Google Dork: if applicable Date: 2020-09-06 Exploit Author: Tgroup Vendor Homepage: Microsoft.com Version: IE 11 REQUIRED Tested on: Windows 7 x64 CVE : CVE-2020-0674 //...

7.6CVSS8.1AI score0.86863EPSS
Exploits17
BDU FSTEC
BDU FSTEC
added 2019/09/27 12:0 a.m.7 views

The vulnerability of the “Enable Adobe Flash protected mode” parameter in the Adobe Flash plugin for the Firefox ESR browser allows a hacker to bypass existing security restrictions.

The vulnerability of the “Enable Adobe Flash protected mode” parameter in the Adobe Flash plugin for the Firefox ESR browser is related to privilege management errors. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions remotely...

6.4CVSS5.5AI score0.01673EPSS
Exploits1References4Affected Software3
OpenVAS
OpenVAS
added 2018/06/27 12:0 a.m.125 views

Microsoft Windows: Shell protocol protected mode

This policy setting allows you to configure the amount of functionality that the shell protocol can have. When using the full functionality of this protocol, applications can open folders and launch files. The protected mode reduces the functionality of this protocol allowing applications to only...

7.2AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2018/06/11 9:29 p.m.19 views

CVE-2018-5165

In 32-bit versions of Firefox, the Adobe Flash plugin setting for "Enable Adobe Flash protected mode" is unchecked by default even though the Adobe Flash sandbox is actually enabled. The displayed state is the reverse of the true setting, resulting in user confusion. This could cause users to...

5.3CVSS6.8AI score0.01673EPSS
Exploits1References2
CNVD
CNVD
added 2018/06/05 12:0 a.m.3 views

Mozilla Firefox Security Bypass Vulnerability (CNVD-2018-11790)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 60, which originates from the program's failure to detect the Adobe Flash plug-in setting used to 'turn on Adobe Flash...

5.3CVSS9AI score0.01673EPSS
Exploits1References1
Kaspersky
Kaspersky
added 2018/05/09 12:0 a.m.130 views

KLA11246 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR

Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, gain privileges, execute arbitrary code, perform XSS attacks and bypass security restrictions. Below is a complete list ...

10CVSS10AI score0.21288EPSS
Exploits6References5
Krebs on Security
Krebs on Security
added 2018/02/02 2:21 p.m.55 views

Attackers Exploiting Unpatched Flaw in Flash

Adobe warned on Thursday that attackers are exploiting a previously unknown security hole in its Flash Player software to break into Microsoft Windows computers. Adobe said it plans to issue a fix for the flaw in the next few days, but now might be a good time to check your exposure to this...

8.7AI score0.89618EPSS
Exploits19
0day.today
0day.today
added 2017/12/19 12:0 a.m.60 views

Microsoft Windows jscript!RegExpComp::Compile Heap Overflow Exploit

There is a heap overflow in jscript.dll when compiling a regex. This issue could potentially be exploited through multiple vectors. Windows: Heap overflow in jscript!RegExpComp::Compile through IE or local network via WPAD CVE-2017-11890 There is a heap overflow in jscript.dll when compiling a...

7.6CVSS7.9AI score0.49398EPSS
Exploits4
Rows per page
Query Builder