Lucene search
+L

467 matches found

Prion
Prion
added 2014/10/16 7:55 p.m.12 views

Information disclosure

The Bear ID Lock aka com.wBearIDLock application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS6.4AI score0.00266EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2014/10/16 7:0 p.m.41 views

CVE-2014-7048

The CVE-2014-7048 entry concerns the Android app Bear ID Lock (com.wBearIDLock) , version 0.1. The vulnerability is that the app does not verify X.509 certificates from SSL servers, which allows a man‑in‑the‑middle attacker to spoof servers and obtain sensitive information via a crafted certifica...

5.4CVSS6AI score0.00266EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/10/16 7:0 p.m.25 views

CVE-2014-7048

The Bear ID Lock aka com.wBearIDLock application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9AI score0.00266EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2014/07/31 10:14 a.m.14 views

Crouching Yeti APT Campaign Stretches Back Four Years

A new analysis of a long-term APT campaign targeting manufacturers, industrial, pharmaceutical, construction and IT companies in several countries has uncovered fresh details of the attack, including identification of nearly 3,000 victims and the unmasking of the command-and-control infrastructur...

0.6AI score
Exploits0References3
The Hacker News
The Hacker News
added 2014/07/01 10:56 p.m.11 views

Dragonfly Russian Hackers Target 1000 Western Energy Firms

Gone are the days when cyber criminals focuses only on PCs to spread malwares and target people, whether it’s ordinary or a high profile person. Nowadays, organizations in the energy sector have become an interesting target for cyber minds. Few days ago, security researchers uncovered a...

7.2AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability

No description provided by source. Document Title: =============== FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1231 Release Date: ============= 2014-03-20 Vulnerability Laboratory ID VL-ID:...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2014/03/31 12:0 a.m.579 views

FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability

Document Title: =============== FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1231 Release Date: ============= 2014-03-20 Vulnerability Laboratory ID VL-ID: ====================================...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2014/03/27 12:0 a.m.12 views

FTP Drive + HTTP 1.0.4 iOS - Code Execution

FTP Drive + HTTP 1.0.4 iOS - Code Execution Document Title: =============== FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1231 Release Date: ============= 2014-03-20 Vulnerability Laboratory ID...

7.5AI score
Exploits0
Packet Storm
Packet Storm
added 2014/03/27 12:0 a.m.27 views

FTP Drive + HTTP 1.0.4 Code Execution

Document Title: =============== FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1231 Release Date: ============= 2014-03-20 Vulnerability Laboratory ID VL-ID: ====================================...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2014/03/27 12:0 a.m.21 views

FTP Drive + HTTP 1.0.4 iOS - Code Execution

Document Title: =============== FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1231 Release Date: ============= 2014-03-20 Vulnerability Laboratory ID VL-ID: ====================================...

7.4AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2014/03/20 12:0 a.m.21 views

FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability

Document Title: =============== FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1231 Release Date: ============= 2014-03-20 Vulnerability Laboratory ID VL-ID: ====================================...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2014/03/20 12:0 a.m.16 views

FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability

Document Title: =============== FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1231 Release Date: ============= 2014-03-20 Vulnerability Laboratory ID VL-ID: ====================================...

Exploits0
NVD
NVD
added 2013/11/25 7:55 p.m.15 views

CVE-2013-3922

Directory traversal vulnerability in Gummy Bear Studios FTP Drive + HTTP Server 1.0.4 and earlier allows remote attackers to read arbitrary files via a ..%2f encoded dot dot slash in a GET request...

7.8CVSS6.7AI score0.02521EPSS
Exploits1References2
Prion
Prion
added 2013/11/25 7:55 p.m.14 views

Directory traversal

Directory traversal vulnerability in Gummy Bear Studios FTP Drive + HTTP Server 1.0.4 and earlier allows remote attackers to read arbitrary files via a ..%2f encoded dot dot slash in a GET request...

7.8CVSS7.1AI score0.02521EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2013/11/25 7:0 p.m.40 views

CVE-2013-3922

The CVE-2013-3922 entry relates to Gummy Bear Studios FTP Drive + HTTP Server 1.0.4 and earlier, vulnerable to a directory traversal via an encoded ..%2f (dot dot slash) in a GET request, allowing remote attackers to read arbitrary files. Connected sources corroborate the same description across ...

7.8CVSS6.8AI score0.02521EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2013/11/25 7:0 p.m.25 views

CVE-2013-3922

Directory traversal vulnerability in Gummy Bear Studios FTP Drive + HTTP Server 1.0.4 and earlier allows remote attackers to read arbitrary files via a ..%2f encoded dot dot slash in a GET request...

6.7AI score0.02521EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2012/09/21 12:0 a.m.21 views

Brother Bear SQL Injection

---------------------------------------------------------------- Brother Bear SQL Injection Vulnerability ---------------------------------------------------------------- Exploit Title : Brother Bear SQL Injection Vulnerability Author : Hack Center Security Team Discovered By : Net.W0lf Software...

0.6AI score
Exploits0
seebug.org
seebug.org
added 2009/06/29 12:0 a.m.28 views

WHOISCART (Auth Bypass) Information Disclosure Vulnerability

No description provided by source. +===================================================================================+ ./SEC-R1Z / / / / /\ \ |/ / \ \ / / / / | | / | | / / \ / / / / | || / | | / / \ \ \ \2009 | \ | | / / / \ /\ / ||\ \ ||/ ...

7.1AI score
Exploits0
xssed
xssed
added 2008/08/07 12:0 a.m.23 views

Unfixed XSS vulnerability at www.bigbearmountainresorts.com

Security researcher mckt, has submitted on 08/07/2008 a cross-site-scripting XSS vulnerability affecting www.bigbearmountainresorts.com, which at the time of submission ranked 603191 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/07/2008. I...

Exploits0References1
CVE
CVE
added 2008/05/29 11:0 p.m.49 views

CVE-2008-2507

CVE-2008-2507 concerns a cross-site scripting (XSS) vulnerability in Brown Bear Software Calcium 3.10 and 4.0.4 (Calcium40.pl). The issue arises in the ShowIt action where user-supplied input in the CalendarName parameter can be manipulated to inject arbitrary web script or HTML. The available do...

4.3CVSS5.7AI score0.01452EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder