49 matches found

Prion
added 2014/04/21 10:55 p.m. | 14 views

Default configuration

The default configuration of IBM 4690 OS, as used in Toshiba Global Commerce Solutions 4690 POS and other products, hashes passwords with the ADXCRYPT algorithm, which makes it easier for context-dependent attackers to obtain sensitive information via unspecified cryptanalysis of an ADXCSOUF.DAT...

CVSS 3 | AI score 6.3 | EPSS 0.00283
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2014/01/18 7:55 p.m. | 5 views

CVE-2013-6424

Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value...

AI score 7.2
Exploits: 0 | References: 18

OSV
added 2012/07/25 7:55 p.m. | 4 views

CVE-2012-2673

Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc functions in malloc.c, and the (3) GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser GC (libgc) before 7.2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows...

AI score 6.3
Exploits: 0 | References: 18

OSV
added 2012/03/13 3:12 a.m. | 7 views

CVE-2012-0884

The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack (MMA) adaptive chosen ciphertext...

AI score 7.8
Exploits: 0 | References: 23

Prion
added 2011/08/05 9:55 p.m. | 24 views

Design/Logic Flaw

The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent attackers to predict the result string by leveraging knowledge of random strings obtained in an...

CVSS 5 | AI score 6.7 | EPSS 0.0195
Exploits: 0 | References: 15 | Affected Software: 1

OSV
added 2009/09/15 10:30 p.m. | 5 views

CVE-2009-2945

weblogin/login.fcgi (aka the WebLogin login script) in Stanford University WebAuth 3.5.5, 3.6.0, and 3.6.1 places passwords in URLs in certain circumstances involving conversion of a POST request to a GET request, which allows context-dependent attackers to discover passwords by reading (1) web-serve...

AI score 6.3
Exploits: 0 | References: 2

OSV
added 2009/09/02 5:30 p.m. | 5 views

CVE-2009-3050

Buffer overflow in the set_page_size function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later reported that there were additional vectors in htmllib.cxx and ps-pdf.cxx using an AFM font file wit...

AI score 7.8
Exploits: 0 | References: 7

RedHat Linux
added 2008/07/16 9:57 a.m. | 2 views

PHP multibyte shell escape flaw

The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."...

CVSS 10 | AI score 5.8 | EPSS 0.03102
Exploits: 0 | References: 4

CVE
added 2006/09/14 9:0 p.m. | 44 views

CVE-2006-4798

SQL-Ledger before 2.4.4 stores a password in a query string, which might allow context-dependent attackers to obtain the password via a Referer field or browser history. Affected product/version: SQL-Ledger prior to 2.4.4. Underlying issue: password disclosed in URL/query string. The connected do...

CVSS 5 | AI score 6.5 | EPSS 0.01263
Exploits: 1 | References: 3 | Affected Software: 1