Lucene search
K

122 matches found

CVE
CVE
added 2022/07/19 9:8 p.m.74 views

CVE-2022-21568

The CVE-2022-21568 vulnerability affects Oracle E-Business Suite, specifically the iReceivables component (Access Request). Affected versions are 12.2.3–12.2.11. The issue allows a low-privilege attacker who can access the application over HTTP via the network to potentially access sensitive data...

6.5CVSS6.8AI score0.00668EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/09/10 2:15 a.m.16 views

CVE-2020-24655

A race condition in the Twilio Authy 2-Factor Authentication application before 24.3.7 for Android allows a user to potentially approve/deny an access request prior to unlocking the application with a PIN on older Android devices effectively bypassing the PIN requirement...

5.1CVSS0.00225EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/09/10 1:32 a.m.15 views

CVE-2020-24655

A race condition in the Twilio Authy 2-Factor Authentication application before 24.3.7 for Android allows a user to potentially approve/deny an access request prior to unlocking the application with a PIN on older Android devices effectively bypassing the PIN requirement...

5.2AI score0.00225EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/06/19 10:15 p.m.22 views

CVE-2020-13275

A user with an unverified email address could request an access to domain restricted groups in GitLab EE 12.2 and later through 13.0.1...

8.1CVSS7.1AI score0.01043EPSS
Exploits0References4
Prion
Prion
added 2020/06/19 10:15 p.m.17 views

Design/Logic Flaw

A user with an unverified email address could request an access to domain restricted groups in GitLab EE 12.2 and later through 13.0.1...

5.5CVSS7.7AI score0.01043EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2020/02/19 8:15 p.m.17 views

Default credentials

The Web Panel in Netsweeper before 4.0.5 has a default password of branding for the branding account, which makes it easier for remote attackers to obtain access via a request to webadmin/...

7.5CVSS7.2AI score0.66638EPSS
Exploits1References1Affected Software1
Hacker One
Hacker One
added 2019/10/16 4:37 p.m.16 views

U.S. Dept Of Defense: [HTA2] Receiving████ access request on @wearehackerone.com email address

Hi, Description I'm not exactly sure what happened, but it seems that my researcher email [email protected] has been added in a group that receives new user access request from MIDRP. ████████ ██████████ Steps to reproduce I'm honestly not sure what happened. I did test a few .███...

6.6AI score
Exploits0
OSV
OSV
added 2019/09/11 8:15 p.m.4 views

CVE-2019-3761

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a stored cross-site scripting vulnerability in the Access Request module. A remote authenticated malicious user could potentially exploit this vulnerability to store malicio...

5.4CVSS6.1AI score0.00785EPSS
Exploits0References1
NVD
NVD
added 2019/09/11 8:15 p.m.15 views

CVE-2019-3761

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a stored cross-site scripting vulnerability in the Access Request module. A remote authenticated malicious user could potentially exploit this vulnerability to store malicio...

5.4CVSS5AI score0.00785EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/09/11 7:17 p.m.19 views

CVE-2019-3761

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a stored cross-site scripting vulnerability in the Access Request module. A remote authenticated malicious user could potentially exploit this vulnerability to store malicio...

5.4CVSS5AI score0.00785EPSS
Exploits0References1
CVE
CVE
added 2019/09/11 7:17 p.m.45 views

CVE-2019-3761

The CVE-2019-3761 entry describes a stored cross-site scripting vulnerability in RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products released before 7.1.0 P08, specifically in the Access Request module. A remote authenticated attacker could store malicious HTML or ...

5.4CVSS5AI score0.00785EPSS
Exploits0References1Affected Software2
CNVD
CNVD
added 2018/10/09 12:0 a.m.2 views

Multiple Cisco Products IOS XE Software Elevation of Privilege Vulnerability

Cisco 4000 Series Integrated Services Routers and others are different models of router products from Cisco USA. in which IOS XE Software is used. an operating system developed by Cisco for its network devices. An elevation of privilege vulnerability exists in the shell access request mechanism o...

7.2CVSS7AI score0.00396EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2018/08/15 6:12 p.m.99 views

Email Phishers Using New Way to Bypass Microsoft Office 365 Protections

Phishing works no matter how hard a company tries to protect its customers or employees. Security researchers have been warning of a new phishing attack that cybercriminals and email scammers are using in the wild to bypass the Advanced Threat Protection ATP mechanism implemented by widely used...

0.2AI score
Exploits0
Atlassian
Atlassian
added 2015/01/06 2:10 a.m.24 views

Request access to this page. userFullName can be modified.

Steps to reproduce: 1.-Create a page and grant permissions only for you 2.-Modify this url to point to your pageId https://extranet.atlassian.com/pages/viewpage.action?pageId=XXXXXXX&username=scia&userFullName=Scott%2BFarquhar&grantAccess=true 3.- You will be asked to grant Scott Farquhar...

1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/01/06 2:10 a.m.23 views

Request access to this page. userFullName can be modified.

Steps to reproduce: 1.-Create a page and grant permissions only for you 2.-Modify this url to point to your pageId https://extranet.atlassian.com/pages/viewpage.action?pageId=XXXXXXX&username=scia&userFullName=Scott%2BFarquhar&grantAccess=true 3.- You will be asked to grant Scott Farquhar...

1AI score
Exploits0
OpenVAS
OpenVAS
added 2013/06/12 12:0 a.m.14 views

WinRadius Server Denial of Service Vulnerability

WinRadius Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2AI score
Exploits0References4
OpenVAS
OpenVAS
added 2012/06/29 12:0 a.m.12 views

WinRadius Server Access Request Packet Parsing DoS Vulnerability

WinRadius Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.6AI score0.0803EPSS
Exploits1References6
NVD
NVD
added 2012/06/27 9:55 p.m.14 views

CVE-2012-3816

WinRadius Server 2009 allows remote attackers to cause a denial of service crash via a long password in an Access-Request packet...

7.8CVSS6.7AI score0.0803EPSS
Exploits1References5
Prion
Prion
added 2012/06/27 9:55 p.m.14 views

Cross site request forgery (csrf)

WinRadius Server 2009 allows remote attackers to cause a denial of service crash via a long password in an Access-Request packet...

7.8CVSS7.2AI score0.0803EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2012/06/27 9:0 p.m.21 views

CVE-2012-3816

WinRadius Server 2009 allows remote attackers to cause a denial of service crash via a long password in an Access-Request packet...

6.7AI score0.0803EPSS
Exploits1References5
Rows per page
Query Builder