215 matches found
CVE-2023-32805
In power, there is a possible out of bounds write due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08102892; Issue ID: ALPS08102892...
CVE-2023-32805
In power, there is a possible out of bounds write due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08102892; Issue ID: ALPS08102892...
CVE-2023-35689
In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Design/Logic Flaw
In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-35689
In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-29131
A vulnerability has been identified in SIMATIC CN 4100 All versions V2.5. Affected device consists of an incorrect default value in the SSH configuration. This could allow an attacker to bypass network isolation...
CVE-2023-21219
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...
Information disclosure
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...
Information disclosure
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...
CVE-2023-21219
CVE-2023-21219 affects the Android kernel (Pixel/Android devices) where an insecure default enables unencrypted transport over cellular networks, potentially allowing remote information disclosure without extra privileges. Exploitation is described as network-based with no user interaction, and t...
CVE-2023-21219
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...
Problem with ValiodatorStatus.INITIALIZED
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The default value for Enums in solidity are always the first parameters in them. In the ValidatorStatus Enum however, INITIALIZED is the first value and therefore the default value of the ValidatorStatu...
PUB-A-264698379
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
SUSE CVE-2005-1992
The XMLRPC server in utils.rb for the ruby library libruby 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote attackers to execute arbitrary commands...
SUSE CVE-2020-8632
In cloud-init through 19.4, randuserpassword in cloudinit/config/ccsetpasswords.py has a small default pwlen value, which makes it easier for attackers to guess passwords...
SUSE CVE-2020-15169
In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting XSS vulnerability in Action View's translation helpers. Views that allow the user to control the default not found value of the t and translate helpers could be susceptible to XSS attacks. When an...
Subrion CMS 跨站脚本漏洞
Subrion CMS is a PHP-based content management system CMS from the Subrion team. The system can be integrated into a website and supports a variety of extension plugins and more. A cross-site scripting vulnerability exists in Subrion CMS version v4.2.1. An attacker can exploit this vulnerability t...
PT-2022-26762 · Intelliants · Intelliants Subrion Cms
Name of the Vulnerable Software and Affected Versions: Intelliants Subrion CMS version 4.2.1 Description: A cross-site scripting XSS issue in the "/panel/fields/add" component allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value tex...
CVE-2022-20342
In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID...
CVE-2022-20308
In hostapd, there is a possible insecure configuration due to an insecure default value. This could lead to remote denial of service of the wifi hotspot with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...