Lucene search
K

697 matches found

CVE
CVE
added 2018/11/28 3:0 p.m.71 views

CVE-2017-18317

CVE-2017-18317 affects Qualcomm closed‑source components in Snapdragon Automotive and Snapdragon Mobile (MSM8996AU, SD 410/12, SD 820, SD 820A). The issue allows bypass of modem restrictions (sim lock/sim kill) by manipulating the system to issue a deactivation flow sequence. The available docume...

7.8CVSS7.7AI score0.00225EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2018/11/13 12:0 a.m.7 views

WordPress Media File Manager plugin <= 1.4.2 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability found by boombyte in WordPress Media File Manager plugin versions = 1.4.2. Solution WordPress Media File Manager plugin was closed on 2018 November 8 and is no longer available for download. Please deactivate and uninstall plugin as soon as possibl...

3.1AI score
Exploits0References1Affected Software1
Hacker One
Hacker One
added 2018/08/14 3:56 a.m.139 views

Chaturbate: Stats Token doesn't expire after deactivating account

The hacker found that the stats token, that a user can use to access their own account information, does not expire when an account is deactivated. This was resolved so the view could not be used after deactivation. Application has a feature Authorize your 3rd party stats that provides users a wa...

3.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2018/06/11 9:29 p.m.19 views

CVE-2018-5165

In 32-bit versions of Firefox, the Adobe Flash plugin setting for "Enable Adobe Flash protected mode" is unchecked by default even though the Adobe Flash sandbox is actually enabled. The displayed state is the reverse of the true setting, resulting in user confusion. This could cause users to...

5.3CVSS6.8AI score0.01673EPSS
Exploits1References2
Patchstack
Patchstack
added 2017/06/03 12:0 a.m.25 views

WordPress WP-Testimonials plugin <=3.4.1 - SQL Injection vulnerability

WordPress WP-Testimonials plugin is prone to SQL injection vulnerability. The vulnerability allows an authenticated user to execute arbitrary SQL commands via the "testid" parameter to wp-admin/admin.php Solution WordPress WP-Testimonials plugin removed from WordPress plugin directory. We suggest...

8.8CVSS2.7AI score0.0239EPSS
Exploits4References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/02/26 12:0 a.m.31 views

WordPress < 3.3.2 Multiple Vulnerabilities

Binary data 9101.prm...

10CVSS6.7AI score0.0868EPSS
Exploits2References15
NVD
NVD
added 2015/12/27 3:59 a.m.19 views

CVE-2015-8254

The Frontel protocol before 3 on RSI Video Technologies Videofied devices does not use integrity protection, which makes it easier for man-in-the-middle attackers to 1 initiate a false alarm or 2 deactivate an alarm by modifying the client-server data stream...

5.9CVSS5.7AI score0.00403EPSS
Exploits1References2
securityvulns
securityvulns
added 2015/10/05 12:0 a.m.31 views

[SYSS-2015-009] Kaspersky Anti-Virus - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-009 Product: Kaspersky Anti-Virus KAV Vendor: Kaspersky Lab ZAO Affected Versions: 15.0.1.415 Tested Versions: 15.0.1.415 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium...

7AI score
Exploits0
securityvulns
securityvulns
added 2015/10/05 12:0 a.m.44 views

[SYSS-2015-003] Kaspersky Small Office Security - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-003 Product: Kaspersky Small Office Security KSOS Vendor: Kaspersky Lab ZAO Affected Versions: 13.0.4.233 Tested Versions: 13.0.4.233 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk...

7AI score
Exploits0
securityvulns
securityvulns
added 2015/10/05 12:0 a.m.137 views

[SYSS-2015-005] Kaspersky Total Security - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-005 Product: Kaspersky Total Security KTS Vendor: Kaspersky Lab ZAO Affected Versions: 15.0.1.415 Tested Versions: 15.0.1.415 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level:...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2015/10/05 12:0 a.m.33 views

[SYSS-2015-007] Kaspersky Internet Security - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-007 Product: Kaspersky Internet Security KIS Vendor: Kaspersky Lab ZAO Affected Versions: 15.0.2.361 Tested Versions: 15.0.2.361 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level:...

7AI score
Exploits0
ICS
ICS
added 2015/09/24 6:0 a.m.125 views

Siemens RUGGEDCOM ROX-based Devices NTP Vulnerabilities

OVERVIEW Siemens has reported to NCCIC/ICS-CERT that NTP daemon vulnerabilities exist in the Siemens RUGGEDCOM ROX-based devices. Siemens has produced firmware updates to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS The following Siemens...

9.8CVSS8.4AI score0.81762EPSS
Exploits6References10
myhack58
myhack58
added 2015/09/14 12:0 a.m.15 views

Write a unable to uninstall the App – Device Manager vulnerability-vulnerability warning-the black bar safety net

Two days ago some friends found the phone has an app cannot be uninstalled, after known because the Device Manager to activate the LED, then go try to cancel, but the cancel the the moment the card machine. Repeatedly toss after, only to re-brush. Later he sent an article about the Device Manager...

0.3AI score
Exploits0
ThreatPost
ThreatPost
added 2015/07/14 9:20 a.m.12 views

Mozilla Disables Flash in Firefox

As the zero days in Adobe Flash continue to pile up, Mozilla has taken the unusual step of disabling by default all versions of Flash in Firefox. The move is a temporary one as Adobe prepares to patch two vulnerabilities in Flash that were discovered as a result of the HackingTeam document dump...

0.5AI score
Exploits0References5
securityvulns
securityvulns
added 2015/05/10 12:0 a.m.143 views

[SYSS-2015-019] BullGuard Antivirus - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-019 Product: BullGuard Antivirus Vendor: BullGuard Ltd. Affected Versions: 15.0.297 Tested Versions: 15.0.297 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium Solution...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2015/04/19 12:0 a.m.21 views

WordPress Citizen Space 1.1 Cross Site Scripting

Details ================ Software: Citizen Space Version: 1.1 Homepage: http://wordpress.org/plugins/citizen-space/ Advisory report: https://security.dxw.com/advisories/reflected-xss-in-citizen-space-allows-attackers-to-view-sensitive-information-of-the-attackers-choosing/ CVE: Awaiting assignmen...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2015/04/16 12:0 a.m.138 views

[SYSS-2015-014] Panda Global Protection 2015 - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-014 Product: Panda Global Protection 2015 Vendor: Panda Security Affected Versions: 15.1.0 Tested Versions: 15.1.0 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium Solutio...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2015/04/16 12:0 a.m.42 views

[SYSS-2015-012] Panda Internet Security 2015 - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-012 Product: Panda Internet Security 2015 Vendor: Panda Security Affected Versions: 15.0.1 Tested Versions: 15.0.1 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium Solutio...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2015/04/16 12:0 a.m.36 views

[SYSS-2015-015] Panda Gold Protection 2015 - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-015 Product: Panda Gold Protection 2015 Vendor: Panda Security Affected Versions: 15.1.0 Tested Versions: 15.1.0 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium Solution...

Exploits0
ICS
ICS
added 2015/04/02 6:0 a.m.99 views

SMA Solar Technology AG Sunny WebBox Hard-Coded Account Vulnerability

OVERVIEW This updated advisory is a follow-up to the advisory titled ICSA-15-181-02 SMA Solar Technology AG Sunny WebBox Hard-Coded Account Vulnerability that was published September 3, 2015, on the NCCIC/ICS-CERT web site. Aleksandr Timorin of PT Security has identified a hard-coded account...

10CVSS6.9AI score0.03388EPSS
Exploits0References10
Rows per page
Query Builder