Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2022/09/05 7:15 a.m.1 views

UBUNTU-CVE-2022-39050

An attacker who is logged into OTRS as an admin user may manipulate customer URL field to store JavaScript code to be run later by any other agent when clicking the customer URL link. Then the stored JavaScript is executed in the context of OTRS. The same issue applies for the usage of external...

4.8CVSS5.8AI score0.00598EPSS
Exploits0References3
Prion
Prionadded 2018/03/02 1:29 a.m.14 views

Design/Logic Flaw

This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App 1.30 and HTC Customer-Link Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

8.3CVSS8.5AI score0.00264EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2018/03/02 1:29 a.m.10 views

CVE-2018-1170

This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App 1.30 and HTC Customer-Link Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS8.5AI score0.00264EPSS
Exploits0References1
OSV
OSVadded 2018/03/02 1:29 a.m.1 views

CVE-2018-1170

This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App 1.30 and HTC Customer-Link Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS5.9AI score0.00264EPSS
Exploits0References1
CVE
CVEadded 2018/03/02 1:0 a.m.92 views

CVE-2018-1170

The CVE-2018-1170 issue affects the Volkswagen Customer-Link App (v1.30) and HTC Customer-Link Bridge. The root cause is a failure to implement proper protection against unauthorized firmware updates, allowing adjacent attackers to inject arbitrary CAN messages on vulnerable installations. The vu...

8.8CVSS8.5AI score0.00264EPSS
Exploits0References1Affected Software2
Cvelist
Cvelistadded 2018/03/02 1:0 a.m.14 views

CVE-2018-1170

This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App 1.30 and HTC Customer-Link Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

8.6AI score0.00264EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2018/02/27 12:0 a.m.25 views

Volkswagen Customer-Link App Protection Mechanism Failure CAN Message Injection Vulnerability

This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App and HTC Customer-Link Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Customer-Li...

8.3CVSS0.8AI score0.00264EPSS
Exploits0
Rows per page
Query Builder