Lucene search
+L

201 matches found

UbuntuCve
UbuntuCve
added 2023/03/09 6:15 a.m.30 views

CVE-2023-27985

emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90...

7.8CVSS7.1AI score0.01088EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:14 a.m.3 views

SUSE CVE-2006-5455

Cross-site request forgery CSRF vulnerability in editversions.cgi in Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted remote attackers to create, modify, or delete arbitrary bug reports via a crafted URL...

2.6CVSS7.1AI score0.01573EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:50 a.m.3 views

SUSE CVE-2011-3668

Cross-site request forgery CSRF vulnerability in postbug.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that create bug reports...

6.8CVSS7AI score0.00945EPSS
Exploits1References4
OSV
OSV
added 2022/10/26 8:58 a.m.7 views

SUSE-SU-2022:3761-1 Security update for release-notes-susemanager, release-notes-susemanager-proxy

This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues: Release notes for SUSE Manager: - Update to SUSE Manager 4.3.2 Containerized proxy and RBS are now fully supported HTTP API is now fully supported Ubuntu 22.04 is now supported as a client Cobbl...

9.8CVSS8.9AI score0.04923EPSS
Exploits3References50
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2022/10/11 12:0 a.m.240 views

Stable Channel Update for Desktop

The Stable channel has been updated to 106.0.5249.119 for Windows,Mac and Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. Extended stable channel has been updated to 106.0.5249.119 for Windows,Mac which will roll out over the...

8.8CVSS7.8AI score0.00683EPSS
Exploits0Affected Software1
HackRead
HackRead
added 2022/07/04 9:39 p.m.19 views

HackerOne Fires Employee for Stealing Bug Reports, Collecting Bug Bounties

By Deeba Ahmed Bug bounty and vulnerability coordination platform HackerOne has fired an employee for using their position to access customers… This is a post from HackRead.com Read the original post: HackerOne Fires Employee for Stealing Bug Reports, Collecting Bug Bounties...

0.8AI score
Exploits0
CNNVD
CNNVD
added 2022/06/24 12:0 a.m.6 views

MantisBT 跨站脚本漏洞

MantisBT is the Mantisbt team of a Web-based open source defect tracking system . The system provides project management and defect tracking services in the form of Web operations. A cross-site scripting vulnerability exists in MantisBT versions prior to 2.25.5, which originated from a...

5.4CVSS5.6AI score0.00901EPSS
Exploits1References4
OSV
OSV
added 2022/06/15 2:15 p.m.3 views

CVE-2022-20204

In registerRemoteBugreportReceivers of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.4AI score0.00102EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/15 2:15 p.m.9 views

CVE-2022-20204

In registerRemoteBugreportReceivers of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.2AI score0.00102EPSS
Exploits0References2
NVD
NVD
added 2022/06/15 2:15 p.m.23 views

CVE-2022-20204

In registerRemoteBugreportReceivers of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS0.00102EPSS
Exploits0References1
Prion
Prion
added 2022/06/15 2:15 p.m.17 views

Design/Logic Flaw

In registerRemoteBugreportReceivers of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

4.6CVSS7.6AI score0.00102EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/06/01 12:0 a.m.5 views

PUB-A-171495100

In registerRemoteBugreportReceivers of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7AI score0.00102EPSS
Exploits0References1
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2022/05/10 12:0 a.m.115 views

Stable Channel Update for Desktop

The Stable channel has been updated to 101.0.4951.64 for Windows, Mac and Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. Interested in switching release channels? Find out how here. If you find a new issue, please let us know by...

8.8CVSS8.1AI score0.00776EPSS
Exploits1Affected Software1
Code423n4
Code423n4
added 2022/04/19 12:0 a.m.17 views

Chainlink oracle might return stale data

Lines of code Vulnerability details Impact Oracle might return stale data for basePrice and quotePrice. Proof of Concept refreshedAssetPerBaseInUQ in ChainlinkPriceOracle.sol does not check if the data from Chainlink is fresh . If there is a problem with the Chainlink oracle, this contract may be...

7AI score
Exploits0
Kitploit
Kitploit
added 2021/11/19 11:30 a.m.43 views

Msticpy - Microsoft Threat Intelligence Security Tools

Microsoft Threat Intelligence Python Security Tools. msticpy is a library for InfoSec investigation and hunting in Jupyter Notebooks. It includes functionality to: query log data from multiple sources enrich the data with Threat Intelligence, geolocations and Azure resource data extract Indicator...

6.5AI score
Exploits0References27
UbuntuCve
UbuntuCve
added 2021/10/21 12:0 a.m.66 views

CVE-2021-42097

GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrftoken value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin e.g., for account takeover...

8.5CVSS7AI score0.01289EPSS
Exploits0References5
Fedora
Fedora
added 2021/08/16 1:18 a.m.26 views

[SECURITY] Fedora 34 Update: rust-bugreport-0.4.0-2.fc34

Collect system and environment information for bug reports...

9.8CVSS1.7AI score0.01923EPSS
Exploits0
Kitploit
Kitploit
added 2021/03/01 8:30 p.m.88 views

Halogen - Automatically Create YARA Rules From Malicious Documents

Halogen is a tool to automate the creation of yara rules against image files embedded within a malicious document. Halogen help python3 halogen.py -h usage: halogen.py -h -f FILE -d DIR -n NAME --png-idat --jpg-sos Halogen: Automatically create yara rules based on images embedded in office...

7.4AI score
Exploits0References1
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2020/09/08 12:0 a.m.31 views

Stable Channel Update for Desktop

The stable channel has been updated to 85.0.4183.102 for Windows, Mac, and Linux, which will roll out over the coming days/weeks. A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The...

9.6CVSS7.6AI score0.01769EPSS
Exploits0Affected Software1
Kitploit
Kitploit
added 2020/07/07 12:30 p.m.81 views

Airshare - Cross-platform Content Sharing In A Local Network

Airshare is a Python-based CLI tool and module that lets you transfer data between two machines in a local network, P2P, using Multicast-DNS. It also opens an HTTP gateway for other non-CLI external interfaces. It works completely offline! Built with aiohttp and zeroconf. Checkout the demo...

7.3AI score
Exploits0References3
Rows per page
Query Builder