Lucene search
K

213 matches found

OSV
OSV
added 2025/10/02 7:35 p.m.4 views

CLSA-2025-1759433716 samba: Fix of CVE-2020-25717

CVE-2020-25717: Adapt CVE's patch to Centos 6 based systems where regular user id starts from 500, so change the default value of the new config parameters added: "min domain uid" to 500...

8.5CVSS6.8AI score0.01612EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/09/25 12:0 a.m.2 views

Configure a Proper Value for MaxAuthTries

MaxAuthTries indicates the maximum number of user authentication failures allowed in a single connection. If the number of user authentication failures exceeds the value, the connection is automatically disconnected. You are advised to set this field to a value less than or equal to 3. If this...

6.8AI score
Exploits0References1
OpenVAS
OpenVAS
added 2025/09/25 12:0 a.m.2 views

Configure a Proper Value for LoginGraceTime

LoginGraceTime is used to limit the login time of a user. If a user does not complete the login within the time specified by LoginGraceTime, the connection is automatically disconnected. You are advised to set this field to a value less than or equal to 60, in seconds. If this field is set to a...

6.9AI score
Exploits0References1
CNVD
CNVD
added 2025/09/08 12:0 a.m.3 views

Google Android Information Disclosure Vulnerability (CNVD-2025-23028)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability caused by an insecure default value flaw in the generateRandomPasword function in LocalBluetoothLeBroadcast.java. An attacker can exploit the leak to obtai...

5.7CVSS6.1AI score0.0012EPSS
Exploits0References1
OSV
OSV
added 2025/09/04 7:15 p.m.1 views

CVE-2025-48563

In onNullBinding of RemoteFillService.java, there is a possible background activity launch due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00082EPSS
Exploits0References2
OSV
OSV
added 2025/09/04 7:15 p.m.3 views

CVE-2025-32330

In generateRandomPassword of LocalBluetoothLeBroadcast.java, there is a possible way to intercept the Auracast audio stream due to an insecure default value. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not...

5.7CVSS5.9AI score0.0012EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/04 6:33 p.m.2 views

CVE-2025-32330

In generateRandomPassword of LocalBluetoothLeBroadcast.java, there is a possible way to intercept the Auracast audio stream due to an insecure default value. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not...

5.6AI score0.0012EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/04 12:0 a.m.4 views

PT-2025-36082

Name of the Vulnerable Software and Affected Versions: RemoteFillService.java affected versions not specified Description: The RemoteFillService.java component contains a flaw in the onNullBinding function related to an insecure default value. This can result in unauthorized background activity...

7.8CVSS5.9AI score0.00082EPSS
Exploits0References5
OSV
OSV
added 2025/05/31 3:15 p.m.3 views

CVE-2025-5383

A vulnerability was found in Yifang CMS up to 2.0.2 and classified as problematic. Affected by this issue is some unknown functionality of the component Article Management Module. The manipulation of the argument Default Value leads to cross site scripting. The attack may be launched remotely. Th...

4.8CVSS3.7AI score0.00231EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/05/31 12:0 a.m.3 views

Yifang CMS 安全漏洞

Yifang CMS is a PHP enterprise website development and construction management system from China Yifang Company. A security vulnerability exists in Yifang CMS 2.0.2 and earlier versions, which stems from a cross-site scripting attack due to incorrect operation of the parameter Default Value...

4.8CVSS3.9AI score0.00231EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 7:21 a.m.7 views

CVE-2024-44096

there is a possible arbitrary read due to an insecure default value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...

4.4CVSS6.3AI score0.00078EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:20 a.m.5 views

CVE-2024-44099

There is a possible Local bypass of user interaction due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS6.4AI score0.00078EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 6:15 a.m.7 views

CVE-2024-47016

there is a possible privilege escalation due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.2AI score0.00074EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:9 a.m.10 views

CVE-2022-43120

A cross-site scripting XSS vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field...

6.1CVSS5.7AI score0.00498EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 p.m.8 views

CVE-2022-20342

In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID...

3.3CVSS6.4AI score0.00094EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:59 p.m.8 views

CVE-2021-0468

In LK, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

6.6CVSS6.9AI score0.0013EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:17 p.m.4 views

CVE-2020-0271

In the Settings app, there is an insecure default value. This could lead to local escalation of privilege and tapjacking with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-144507081...

7.3CVSS7.5AI score0.00161EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:57 p.m.10 views

CVE-2020-0416

In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9...

9.3CVSS7AI score0.012EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.3 views

Configure a Proper Value for audit_backlog_limit

auditbackloglimit sets the buffer queue length for audit events awaiting transfer to the audit service. The default value is 64. If the queue is full, audit events are discarded and an alarm log is generated, indicating that the queue is full. If the value is too small, audit events may be lost. ...

7AI score
Exploits0References2
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.3 views

Configure a Proper Value for LoginGraceTime

LoginGraceTime is used to limit the login time of a user. If a user does not complete the login within the time specified by LoginGraceTime, the connection is automatically disconnected. You are advised to set this field to a value less than or equal to 60, in seconds. If this field is set to a...

6.9AI score
Exploits0References3
Rows per page
Query Builder