Lucene search
K

360 matches found

Vulnrichment
Vulnrichment
added 2024/06/27 1:1 p.m.23 views

CVE-2024-1107 IDOR in Talya Informatics' Travel APPS

Authorization Bypass Through User-Controlled Key vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Travel APPS: before v17.0.68...

9.8CVSS5.8AI score0.00468EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/17 6:45 a.m.11 views

CVE-2023-33321 WordPress EventPrime plugin <= 2.8.6 - Sensitive Data Exposure

Missing Authorization vulnerability in Metagauss EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through 2.8.6...

5.3CVSS6.9AI score0.00515EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/10 11:24 p.m.3 views

CVE-2024-21773

Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands on the product that has pre-specified target devices and blocked URLs in parental control settings...

9.2AI score0.00531EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/09/26 12:0 a.m.4 views

PT-2023-26905 · Unknown · Siberiancms

Name of the Vulnerable Software and Affected Versions: SiberianCMS affected versions not specified Description: The issue concerns improper access control, allowing an authorized user to disable a security feature over the network. Recommendations: At the moment, there is no information about a...

6.5CVSS6.3AI score0.00364EPSS
Exploits0References5
Circl
Circl
added 2022/04/14 4:19 p.m.3 views

CVE-2022-27455

creationtimestamp| type| source ---|---|--- 2022-04-14 16:19:13+00:00| seen| https://t.me/cibsecurity/40768 2026-01-27 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02...

7.5CVSS7.9AI score0.01564EPSS
Exploits1References2
CNVD
CNVD
added 2021/05/17 12:0 a.m.6 views

Command execution vulnerability in phpyun backend (CNVD-2021-37948)

phpyun a talent recruitment system built with PHP and MySQL databases. A command execution vulnerability exists in the backend of phpyun, which can be exploited by attackers to gain control of the server...

7.6AI score
Exploits0
ICS
ICS
added 2021/01/21 12:0 a.m.63 views

Mitsubishi Electric MELFA (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELFA FR Series, MELFA CR Series, MELFA ASSISTA Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...

7.8CVSS7.7AI score0.02744EPSS
Exploits0References4
Cvelist
Cvelist
added 2019/12/12 1:39 p.m.17 views

CVE-2019-15932

Intesync Solismed 3.3sp has Incorrect Access Control...

9.6AI score0.02328EPSS
Exploits1References4
CNVD
CNVD
added 2019/07/03 12:0 a.m.3 views

Linear eMerge 50P/5000P File Upload Vulnerability

The Linear eMerge 50P/5000P is an access control security system managed through a browser from Nortek Security & Control. A file upload vulnerability exists in the Linear eMerge 50P/5000P. An attacker could use this vulnerability to upload a file with an arbitrary extension to a directory in the...

10CVSS7.2AI score0.06477EPSS
Exploits5References1
Microsoft Secure
Microsoft Secure
added 2018/12/19 9:52 p.m.111 views

Windows Defender ATP has protections for USB and removable devices

Meet Jimmy. Jimmy is an employee in your company. He Does Things With Computers official title. Last Wednesday, as Jimmy got out of his car after parking in the company-owned parking lot, he saw something on the ground. That something is a 512GB USB flash drive! Jimmy picks up the drive, whistlin...

0.1AI score
Exploits0
0day.today
0day.today
added 2013/10/15 12:0 a.m.26 views

Aladdin Knowledge Systems Ltd. PrivAgent ActiveX Control Overflow

Exploit for windows platform in category remote exploits Aladdin Knowledge Systems Ltd. PrivAgent ActiveX Control Overflow // heap spray for IE7 //calc - 196 bytes var shellcode =...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2006/03/26 12:0 a.m.13 views

Update Protection against Directory Traversal Vulnerability in IBM Tivoli Access Manager

A vulnerability was reported in IBM Tivoli Access Manager. IBM Tivoli Access Manager provides access control security solutions. The vulnerability can be exploited via a specially crafted filename containing '../..' sequences. An attacker may attempt to exploit this vulnerability to place files o...

5CVSS5.1AI score0.09278EPSS
Exploits1
securityvulns
securityvulns
added 2005/01/02 12:0 a.m.21 views

Two Vulnerabilities in ViewCVS

--------------------------------------------------------------------------- Two Vulnerabilities in ViewCVS --------------------------------------------------------------------------- Author: Jose Antonio Coret Joxean Koret Date: 2004 Location: Basque Country...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2004/01/03 12:0 a.m.58 views

TOCTOU with NT System Service Hooking

TOCTOU Time-Of-Check-to-Time-Of-Use problem is known for a while 1. Nevertheless such bugs are still not uncommon. That is more or less acceptable for general software but not for security products. I believe there are drivers that hook kernel system services by well known technique 2,3,4. Those...

0.1AI score
Exploits0
CERT
CERT
added 2003/07/01 12:0 a.m.35 views

Windows Media Player 9 ActiveX control does not adequately validate access to Windows Media Library

Overview An ActiveX control included with Windows Media Player 9 does not adequately validate script access to the Windows Media Library. This could allow an attacker to read or modify data contained in the library. Description Windows Media Player 9 includes an ActiveX control that can be used t...

6.4CVSS5.9AI score0.19935EPSS
Exploits0References11
securityvulns
securityvulns
added 2002/05/10 12:0 a.m.55 views

Buffer overflow in MSN Messanger

Buffer overflow on long font name in header and in OCX MSN Chat Control...

2.2AI score
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2002/01/08 12:0 a.m.44 views

Доступ к защищенным файлам в AOLServer &#40;unauthorized access&#41;

Под Windows можно обойти защиту файлов паролем добавив к имени файла '.'...

2.5AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2001/07/12 12:0 a.m.49 views

Заткнут доступ к файлам в ColdFusion &#40;unauthorized access&#41;

Можно прочитать или удалить файлы, заменить содержимое файла нулями...

1.4AI score
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2000/02/25 12:0 a.m.37 views

ssh-xauth.txt

The default SSH configuration for SSH1 and SSH2 allow for remote controlling of X sessions through X forwarding. All children of the SSH connection are able to tunnel X11 sessions through the X tunnel to the client X11 session. This is accomplished by running xauth upon logging in. If xauth is...

7.4AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.12 views

Security Update for Windows 2000 (KB979559)

A security issue has been identified that could allow an authenticated local attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...

2.7AI score
Exploits0
Rows per page
Query Builder