8 matches found
Design/Logic Flaw
The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...
VulnCheck KEV: CVE-2024-23660
The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July...
Security Advisory 0076
Security Advisory 0076. CSAF PDF April 26th, 2022

Revision | Date | Changes
---|---|---
1.0 | April 26th, 2022 | Initial release
1.1 | May 16th, 2022 | Updated hotfix information

The CVE-ID tracking this issue: CVE-2021-28510 CVSSv3.1 Base Score: 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L...
Nextcloud: Bypassing Passcode/Device credentials
Assume the user has set "App passcode" to "Passcode/Device credentials". So whenever the user opens the app, it will prompt to unlock before accessing the app. Unfortunately there is an issue: an attacker can bypass the lock easily in two ways. Setup 1. Install the Nextcloud app and log in. 2. Go to...
D-Link DIR-859 and DIR-850L Command Injection Vulnerability
The D-Link DIR-859 is a wireless AC1750 high-power Wi-Fi Gigabit router. The D-Link DIR-850L is a wireless AC1200 dual-band Gigabit cloud router. A command injection vulnerability exists in /etc/services/DEVICE.TIME.php in the D-Link DIR-859 A3-1.06 and DIR-850L A1.13. An attacker can exploit this...
CVE-2019-17508
On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEVICE.TIME.php allows command injection via the $SERVER variable...
Provisioning Services and Daylight Saving Time
During a Target Device (TD) boot or reboot, after Daylight Saving Time (DST) but prior to any vDisk maintenance, you might notice that the TD system time is not consistent with the system time of the PVS Server. A user has reported the inability to log on to the domain. Log on with a local user accou...
Cisco IOS and Cisco IOS XE ntp Subsystem Unauthorized Access Vulnerability
A vulnerability in the ntp subsystem of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to mobilize ntp associations. The vulnerability is due to missing authorization checks on certain ntp packets. An attacker could exploit this vulnerability by ingressing...