
28 matches found

OSV
added 2019/07/02 10:15 p.m. | 19 views

PYSEC-2019-20

verification.py in django-rest-registration (aka Django REST Registration library) before 0.5.0 relies on a static string for signatures (i.e., the Django Signing API is misused), which allows remote attackers to spoof the verification process. This occurs because incorrect code refactoring led to...

CVSS 9.8 | AI score 5.9 | EPSS 0.00405
Exploits: 1 | References: 2
Prion
added 2019/07/02 10:15 p.m. | 9 views

Design/Logic Flaw

verification.py in django-rest-registration (aka Django REST Registration library) before 0.5.0 relies on a static string for signatures (i.e., the Django Signing API is misused), which allows remote attackers to spoof the verification process. This occurs because incorrect code refactoring led to...

CVSS 7.5 | AI score 9.3 | EPSS 0.00405
Exploits: 1 | References: 2 | Affected Software: 1
CVE
added 2019/07/02 9:17 p.m. | 222 views

CVE-2019-13177

The CVE is supported by concrete details in connected sources: django-rest-registration before 0.5.0 misuses the Django Signer API by passing the salt as the secret key, resulting in static, easily guessable verification signatures. This allows remote attackers to spoof the verification process v...

CVSS 9.8 | AI score 9.3 | EPSS 0.00405
Exploits: 1 | References: 2 | Affected Software: 1
Cvelist
added 2019/07/02 9:17 p.m. | 25 views

CVE-2019-13177

verification.py in django-rest-registration (aka Django REST Registration library) before 0.5.0 relies on a static string for signatures (i.e., the Django Signing API is misused), which allows remote attackers to spoof the verification process. This occurs because incorrect code refactoring led to...

AI score 9.4 | EPSS 0.00405
Exploits: 1 | References: 2
Kitploit
added 2012/11/18 11:13 p.m. | 44 views

[VSD] (Virtual Section Dumper) Just another Virtual Section Dumper for Windows Processes

What's VSD? VSD (Virtual Section Dumper) is intended to be a tool to visualize and dump the memory regions of a running 32-bit or 64-bit process in many ways. For example, you can dump the entire process and fix the PE header, dump a given range of memory or even list and dump every virtual...

AI score 7.3
Exploits: 0
Tenable Nessus
added 2012/08/01 12:00 a.m. | 25 views

Scientific Linux Security Update : spice-xpi on SL5.x i386/x86_64

The spice-xpi package provides a plug-in that allows the SPICE client to run from within Mozilla Firefox. A race condition was found in the way the SPICE Firefox plug-in and the SPICE client communicated. A local attacker could use this flaw to trick the plug-in and the SPICE client into...

CVSS 3.3 | AI score 5.6 | EPSS 0.00049
Exploits: 0 | References: 6
The Hacker News
added 2012/01/18 4:56 p.m. | 8 views

Book Review: iPhone Applications Tune-up

Packt recently published a new book, iPhone Applications Tune-up. The book is of course about programming for the iPhone. But there is one chapter on maintainability that has far broader applicability than just the iPhone. This review was written by Wes...

AI score 6.8
Exploits: 0
UbuntuCve
added 2008/09/11 1:13 a.m. | 16 views

CVE-2008-3970

pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source ownership before mounting a user-defined volume, which allows local users to bypass intended access restrictions via a local mount...

CVSS 6.9 | AI score 5.9 | EPSS 0.00041
Exploits: 0 | References: 1