1205 matches found
Adobe Reader DC URL Parsing Insufficient Verification of Data Authenticity Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
For NXP I. MX microprocessor HAB vulnerability analysis-vulnerability warning-the black bar safety net
One, Foreword NXP(NXP)semiconductor production company i. The MX Series application processor of the Secure Boot features in the presence of two vulnerabilities, two vulnerabilities by Quarkslab the two researchers Guillaume Delugré and Kévin Szkudłapski found this article on the two vulnerabilit...
Design/Logic Flaw
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. The product's protocol only tries to ensure confidentiality. In the whole protocol, no integrity or authenticity checks are done. Therefore man-in-the-middle...
CVE-2017-11130
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. The product's protocol only tries to ensure confidentiality. In the whole protocol, no integrity or authenticity checks are done. Therefore man-in-the-middle...
CVE-2017-11130
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. The product's protocol only tries to ensure confidentiality. In the whole protocol, no integrity or authenticity checks are done. Therefore man-in-the-middle...
CVE-2017-11130
This CVE affects heinekingmedia StashCat: Android up to 1.7.5, Web up to 0.0.80w, Desktop up to 0.0.86. Root cause: the protocol only aims to protect confidentiality; there are no integrity or authenticity checks in the entire protocol. Consequence: man-in-the-middle attackers can perform replay ...
ThinkPHP5 PDO Authenticity Preprocessing suffers from SQL Injection Vulnerability
ThinkPHP V5.0 is a high-performance framework designed for API development. A SQL injection vulnerability exists in ThinkPHP5 PDO authenticity preprocessing. The vulnerability is caused by controlling the value position of the in statement, i.e. by passing in an array, leading to a SQL injection...
The vulnerability of the Antivirus Kasperksy 8.0 web console for Linux File Servers allows an attacker to send commands to the antivirus software on behalf of its user.
The vulnerability of the Antivirus Kaspersky 8.0 web console for Linux File Servers arises from the lack of authenticity verification for the creators of the web consoles. Exploiting this vulnerability allows a malicious actor to send an antivirus command on behalf of the user who visits the...
CVE-2017-9606
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...
Design/Logic Flaw
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...
CVE-2017-9606
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...
New Relic: CSRF For Adding Users
Issue The API affected is https://rpm.newrelic.com/accounts/accountid/accountviews. Only admin users are allowed to add other new users, but a normal user with knowledge of the accountid can craft a webpage which does a CSRF when an admin user visits it. There are 2 problems with it that can resu...
Files.com: CSRF @ configuration
Enter the support PIN from your test site if applicable: Enter the name of your test site if applicable: gaming2 Enter the subdomain from your test site if applicable: gaming2 Fill in the rest of your report below: ---- Greeting guys , i found a CSRF Bug at the configuration - General form in all...
Cross-Site Request Forgery (CSRF) Via Leakage Of Authenticity Token
omniauth is susceptible to cross-site request forgery attacks. The attacks are possible because it stores POST parameters in addition to GET parameters in callback phase, thereby exposing authenticitytokens from the POST parameters and leading to bypass of cross-site request forgery protection...
Unverifiable Symmetric Encryption
spring-cloud-config has a flaw which allows malicious manipulation of symmetric encryptions. The vulnerability exists because its default symmetric encryption does not use a Message Authentication Code MAC to verify the authenticity of encrypted message...
omniauth leaks authenticity token in callback params
In strategy.rb in OmniAuth before 1.3.2, the authenticitytoken value is improperly protected because POST in addition to GET parameters are stored in the session and become available in the environment of the callback phase...
GitLab - impersonate Feature Privilege Escalation
GitLab - impersonate Feature Privilege Escalation Exploit Title: GitLab privilege escalation via "impersonate" feature Date: 02-05-2016 Software Link: https://about.gitlab.com/ Version: 8.2.0 - 8.2.4, 8.3.0 - 8.3.8, 8.4.0 - 8.4.9, 8.5.0 - 8.5.11, 8.6.0 - 8.6.7, 8.7.0 Exploit Author: Kaimi Website...
HackerOne: Possible CSRF during joining report as participant
Hi, I think i found a possible csrf issue with joining report as participant endpoint, Actually one of the bug got duplicated and the company added me into the original bug as a participant. then, I got invitation from hackerone to joing the report. After opening the invitation link, there was tw...
Gratipay: don't store CSRF tokens in cookies
Your web application generates CSRF token values inside cookies which is not a best practice for web applications as revelation of cookies can reveal CSRF Tokens as well. Authenticity tokens should be kept separate from cookies and should be isolated to change operations in the account only. More...
Allround Automations PL/SQL Developer < 11.0.6.1776 HTTP Insecure Update RCE
The version of Allround Automations PL/SQL Developer installed on the remote host is prior to 11.0.6.1776. It is, therefore, affected by a remote code execution vulnerability due to a failure to properly verify the origin or authenticity of update data sent via HTTP. A man-in-the-middle attacker...