Lucene search
K

68 matches found

CNNVD
CNNVD
added 2023/05/23 12:0 a.m.7 views

Parks Fiberlink 操作系统命令注入漏洞

Parks Fiberlink is a high-performance OLT from Parks designed to deliver ultra-broadband services to large numbers of subscribers in a fast and cost-effective manner. A security vulnerability exists in Parks Fiberlink version 210 2.1.14X000, which stems from a problem with the...

7.2CVSS7.1AI score0.05245EPSS
Exploits2References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.5 views

SUSE CVE-2003-0468

Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate...

5CVSS6.7AI score0.02382EPSS
Exploits4References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.4 views

SUSE CVE-2021-27927

In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerAuthenticationUpdate controller lacks a CSRF protection mechanism. The code inside this controller calls diableSIDValidation inside the init method. An...

8.8CVSS9.3AI score0.01472EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/08/22 12:0 a.m.7 views

wkhtmltopdf 代码问题漏洞

wkhtmltopdf is wkhtmltopdf open source a library . Used to convert HTML to PDF. A code issue vulnerability exists in wkhtmltopdf version 0.12.6, which stems from the fact that it allows an attacker to gain initial access to a target system by injecting an iframe tag with the IP address of the...

9.8CVSS8.2AI score0.11276EPSS
Exploits4References6
OSV
OSV
added 2021/12/13 1:15 a.m.4 views

UBUNTU-CVE-2018-25022

The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address when knowing only their Tox Id by positioning themselves close to target's Tox Id in the DHT for the target to establish an onion...

3.1CVSS5.8AI score0.01505EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/12/09 2:46 p.m.4 views

Mozilla: URL leakage when navigating while executing asynchronous function

The Mozilla Foundation Security Advisory describes this flaw as: Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL...

6.5CVSS7.4AI score0.0167EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/12/08 10:16 a.m.1 views

Mozilla: URL leakage when navigating while executing asynchronous function

The Mozilla Foundation Security Advisory describes this flaw as: Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL...

6.5CVSS7.4AI score0.0167EPSS
Exploits0References4
OSV
OSV
added 2021/12/08 12:0 a.m.8 views

UBUNTU-CVE-2021-43536

Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

6.5CVSS7.3AI score0.0167EPSS
Exploits0References8
CNNVD
CNNVD
added 2021/12/07 12:0 a.m.4 views

Mozilla Firefox ESR 信息泄露漏洞

Mozilla Firefox ESR is an extended support version of the Mozilla Foundation's Firefox Web browser. Mozilla Firefox ESR suffers from an information disclosure vulnerability that stems from the fact that in some cases, an asynchronous function may cause a navigation failure that exposes the target...

6.5CVSS5.6AI score0.0167EPSS
Exploits0References31
NVD
NVD
added 2021/09/07 10:15 p.m.16 views

CVE-2020-19769

A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...

7.5CVSS0.00542EPSS
Exploits1References1
OSV
OSV
added 2021/09/07 10:15 p.m.3 views

CVE-2020-19768

A lack of target address verification in the selfdestructs function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script...

7.5CVSS7.1AI score0.00542EPSS
Exploits1References1
OSV
OSV
added 2021/09/07 10:15 p.m.2 views

CVE-2020-19769

A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...

7.5CVSS5.8AI score0.00542EPSS
Exploits1References1
OSV
OSV
added 2021/09/07 10:15 p.m.5 views

CVE-2020-19767

A lack of target address verification in the destroycontract function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script...

7.5CVSS7.1AI score0.01173EPSS
Exploits1References1
Prion
Prion
added 2021/09/07 10:15 p.m.13 views

Code injection

A lack of target address verification in the selfdestructs function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script...

5CVSS7.3AI score0.00542EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/09/07 10:15 p.m.15 views

Design/Logic Flaw

A lack of target address verification in the BurnMe function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script...

5CVSS7.3AI score0.00542EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/09/07 10:15 p.m.13 views

Code injection

A lack of target address verification in the destroycontract function of 0xRACER 1.0 allows attackers to steal tokens from victim users via a crafted script...

5CVSS7.3AI score0.01173EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/09/07 9:59 p.m.43 views

CVE-2020-19767

CVE-2020-19767 affects 0xRACER v1.0: a lack of target address verification in the destroycontract() function enables an attacker to steal tokens from victim users via a crafted script. Root cause: input/target address validation gap in destroycontract(). Documents do not provide a confirmed fix o...

7.5CVSS7.3AI score0.01173EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/09/07 9:59 p.m.37 views

CVE-2020-19769

CVE-2020-19769 : A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script. Affected software: Rob The Bank 1.0 (BurnMe() function). Root cause: missing target address verification. Impact: token thef...

7.5CVSS7.3AI score0.00542EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2018/01/18 10:29 p.m.3 views

CVE-2017-17860

In Samsung Gear products, Bluetooth link key is updated to the different key which is same with attacker's link key. It can be attacked without user's intention only if attacker can reveal the Bluetooth address of target device and paired user's smartphone...

5.7CVSS5.5AI score0.00286EPSS
Exploits1References2
myhack58
myhack58
added 2016/12/16 12:0 a.m.73 views

unsorted bin attack analysis-vulnerability warning-the black bar safety net

One, Foreword This is before that article overflow using the FILE structure of the follow-up article, mentioned earlier is for the Shanghai network security contest pwn450 of technology to write articles, a total of two techniques, one is the overflow using the FILE structure of the body, one is...

1AI score
Exploits0
Rows per page
Query Builder