Lucene search
+L

535 matches found

Prion
Prion
added 2018/03/26 4:29 p.m.13 views

Authentication flaw

The Norton App Lock prior to version 1.3.0.13 can be susceptible to an authentication bypass exploit. In this type of circumstance, the exploit can allow the user to kill the app to prevent it from locking the device, thereby allowing the individual to gain device access...

7.2CVSS6.8AI score0.00424EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/03/26 4:29 p.m.4 views

CVE-2017-15534

The Norton App Lock prior to version 1.3.0.13 can be susceptible to an authentication bypass exploit. In this type of circumstance, the exploit can allow the user to kill the app to prevent it from locking the device, thereby allowing the individual to gain device access...

6.7CVSS5.8AI score0.00424EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/03/26 4:0 p.m.21 views

CVE-2017-15534

The Norton App Lock prior to version 1.3.0.13 can be susceptible to an authentication bypass exploit. In this type of circumstance, the exploit can allow the user to kill the app to prevent it from locking the device, thereby allowing the individual to gain device access...

6.9AI score0.00424EPSS
Exploits0References2
CVE
CVE
added 2018/03/05 5:0 p.m.52 views

CVE-2018-5455

The CVE-2018-5455 vulnerability affects Moxa OnCell G3100-HSPA Series (version 1.4 Build 16062919 and earlier). It stems from reliance on cookies without validation or integrity checking, allowing a cookie parameter consisting only of digits to be brute-forced, bypassing authentication and enabli...

9.8CVSS9.3AI score0.01591EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/12/21 12:0 a.m.7 views

The vulnerability of Microprogrammed Software for Korenix switches, related to the use of pre-installed account data, allows a perpetrator to gain access to the device.

The vulnerability of Microprogrammed Software for Korenix switches relates to the use of pre-set credentials. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the device...

10CVSS5.5AI score0.02848EPSS
Exploits0References3Affected Software9
Prion
Prion
added 2017/12/16 2:29 a.m.29 views

Default credentials

ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use non-random default credentials across all devices. A remote attacker can take complete control of a device using default admin credentials...

10CVSS9.5AI score0.06085EPSS
Exploits0References4Affected Software1
Citrix
Citrix
added 2017/12/12 12:0 a.m.9 views

Receiver Warning: "A Potentially UNSAFE Connection to the Computer Has Been Initiated"

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. -Getting warning message:"A potentially UNSAFE connection to the computer has been initiated" when...

7.1AI score
Exploits0
OSV
OSV
added 2017/11/07 4:29 p.m.5 views

CVE-2017-12085

An exploitable routing vulnerability exists in the Circle with Disney cloud infrastructure. A specially crafted packet can make the Circle cloud route a packet to any arbitrary Circle device. An attacker needs network connectivity to the Internet to trigger this vulnerability...

9.8CVSS5.9AI score0.01671EPSS
Exploits2References1
RedHat Linux
RedHat Linux
added 2017/09/06 8:36 p.m.5 views

kernel: mm subsystem does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism

The mm subsystem in the Linux kernel through 4.10.10 does not properly enforce the CONFIGSTRICTDEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte and bypass slab-allocation access restrictions via an application that opens the...

7.8CVSS7.2AI score0.00308EPSS
Exploits0References4
GoogleProjectZero
GoogleProjectZero
added 2017/08/23 12:0 a.m.92 views

Bypassing VirtualBox Process Hardening on Windows

Posted by James Forshaw, Project Zero Processes on Windows are securable objects, which prevents one user logged into a Windows machine from compromising another user’s processes. This is a pretty important security feature, at least from the perspective of a non-administrator user. The security...

8.8CVSS8.7AI score0.01643EPSS
Exploits8
Positive Technologies
Positive Technologies
added 2017/04/24 12:0 a.m.26 views

PT-2017-4905 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.x through 4.x Description: The issue is a memory leak in the videobuf subsystem, specifically in the drivers/media/video/videobuf-core.c file. This allows local users to cause a denial of service by consuming memory...

10CVSS7AI score0.16908EPSS
Exploits118References809
exploitpack
exploitpack
added 2017/04/20 12:0 a.m.17 views

Oracle VM VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation

Oracle VM VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1091 This bug report describes two separate issues that, when combined, allow any user on a Linux host system on which VirtualB...

0.6AI score
Exploits0
Opera Security Advisories
Opera Security Advisories
added 2017/03/10 12:0 a.m.9 views

DLL hijacking and the Opera browser

Security DLL hijacking and the Opera browser Share March 10th, 2017 Recently, a collection of documents was released online, which was claimed to have originated with a major World power. The documents listed hacking vectors that could be used to inject code into major operating systems and...

8.8CVSS7.4AI score0.01654EPSS
Exploits4References1
OSV
OSV
added 2017/02/14 7:7 p.m.8 views

SUSE-SU-2017:0464-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.69 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2015-8962: Double free vulnerability in the sgcommonwrite function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges...

9.3CVSS8.9AI score0.02966EPSS
Exploits9References97
OSV
OSV
added 2017/02/13 9:59 p.m.6 views

CVE-2016-5818

An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Undocumented hard-coded credentials allow access to the device...

9.8CVSS5.8AI score0.01944EPSS
Exploits0References2
NVD
NVD
added 2017/02/13 9:59 p.m.16 views

CVE-2016-5818

An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Undocumented hard-coded credentials allow access to the device...

9.8CVSS9.5AI score0.01944EPSS
Exploits0References2
ICS
ICS
added 2017/01/17 12:0 a.m.76 views

BD Alaris 8015 PC Unit (Update B)

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: Becton, Dickinson and Company BD Equipment: BD Alaris 8015 PC Unit Vulnerabilities: Insufficiently Protected Credentials, Security Features 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory...

5.3CVSS6.4AI score0.01004EPSS
Exploits0References5
CNVD
CNVD
added 2017/01/10 12:0 a.m.6 views

Rockwell Automation MicroLogix 1100 and 1400 Unauthorized Access Vulnerability

Rockwell Automation is a British company that provides industrial automation control and globalized information. the MicroLogix 1100 and 1400 series products are used in food, agriculture, and water and wastewater systems, among other applications. An unauthorized access vulnerability exists in...

7.3CVSS6.7AI score0.04028EPSS
Exploits0References1
OSV
OSV
added 2016/12/30 6:59 p.m.7 views

CVE-2016-10088

The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNELDS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging access to a...

7CVSS7.1AI score
Exploits0References9
Positive Technologies
Positive Technologies
added 2016/12/01 12:0 a.m.3 views

PT-2016-3112 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.8.13 Description: The issue is related to a use-after-free vulnerability in the kvm ioctl create device function. This vulnerability can be exploited by host OS users to cause a denial of service, resulting in...

10CVSS7.2AI score0.11127EPSS
Exploits23References41
Rows per page
Query Builder