Lucene search
1555 matches found

CNVD
added 2020/04/27 12:0 a.m. | 2 views

DLL Hijacking Vulnerability in NetEase Youdao Dictionary

NetEase Youdao Dictionary is an all-around free language translation software based on search engine technology produced by Guangzhou NetEase Computer System Co. A DLL hijacking vulnerability exists in NetEase Youdao Dictionary, which can be exploited by attackers to gain server privileges...

AI score: 7.2
Exploits: 0
CNVD
added 2020/04/15 12:0 a.m. | 1 view

There is a DLL hijacking vulnerability in Youdao Dictionary

Youdao Dictionary is an all-around free language translation software based on search engine technology produced by NetEase Youdao. There is a DLL hijacking vulnerability in Youdao Dictionary, which can be exploited by attackers to load a malicious DLL and execute arbitrary code...

AI score: 7.4
Exploits: 0
RedhatCVE
added 2020/04/08 5:7 a.m. | 21 views

CVE-2019-2746

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Data Dictionary). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVSS: 6.5 | AI score: 2.7 | EPSS: 0.01834
Exploits: 0 | References: 4
RedhatCVE
added 2020/04/02 2:5 p.m. | 33 views

CVE-2019-14833

A flaw was found in Samba in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for password complexity. This configuration can fail to verify password complexity when non-ASC...

CVSS: 5.4 | AI score: 1.3 | EPSS: 0.02084
Exploits: 0 | References: 4
CNVD
added 2020/03/25 12:0 a.m. | 2 views

Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-32870)

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An unspecified vulnerability exists in Samsung mobile devices, which can be exploited by attackers to perform downgrade and/or dictionary attacks...

CVSS: 5.4 | AI score: 6.6 | EPSS: 0.00121
Exploits: 0 | References: 1
NVD
added 2020/03/24 7:15 p.m. | 14 views

CVE-2019-20575

An issue was discovered on Samsung mobile devices with P(9.0) software. The WPA3 handshake feature allows a downgrade or dictionary attack. The Samsung ID is SVE-2019-14204 (August 2019)...

CVSS: 5.4 | AI score: 5.6 | EPSS: 0.00121
Exploits: 0 | References: 1
OSV
added 2020/03/24 7:15 p.m. | 1 view

CVE-2019-20575

An issue was discovered on Samsung mobile devices with P(9.0) software. The WPA3 handshake feature allows a downgrade or dictionary attack. The Samsung ID is SVE-2019-14204 (August 2019)...

CVSS: 5.4 | AI score: 6.1 | EPSS: 0.00121
Exploits: 0 | References: 1
Prion
added 2020/03/24 7:15 p.m. | 15 views

Design/Logic Flaw

An issue was discovered on Samsung mobile devices with P(9.0) software. The WPA3 handshake feature allows a downgrade or dictionary attack. The Samsung ID is SVE-2019-14204 (August 2019)...

CVSS: 4.8 | AI score: 5.6 | EPSS: 0.00121
Exploits: 0 | References: 1 | Affected Software: 1
CVE
added 2020/03/24 6:43 p.m. | 53 views

CVE-2019-20575

The CVE-2019-20575 entry concerns Samsung mobile devices running P(9.0). The vulnerability lies in the WPA3 handshake, allowing a downgrade or dictionary attack. Affected component: WPA3 handshake implementation on Samsung devices (SVE-2019-14204 reference). The available connected records corrob...

CVSS: 5.4 | AI score: 5.6 | EPSS: 0.00121
Exploits: 0 | References: 1 | Affected Software: 1
Tenable Nessus
added 2020/03/13 12:0 a.m. | 43 views

EulerOS Virtualization for ARM 64 3.0.2.0 : samba (EulerOS-SA-2020-1231)

According to the versions of the samba packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. An attacker can crash AD DC LDAP...

CVSS: 6.5 | AI score: 6.2 | EPSS: 0.03515
Exploits: 1 | References: 4
OpenVAS
added 2020/03/13 12:0 a.m. | 35 views

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2020-1231)

The remote host is missing an update for the Huawei EulerOS...

CVSS: 6.5 | AI score: 6.7 | EPSS: 0.03515
Exploits: 1 | References: 2
Gitee
added 2020/03/12 12:6 p.m. | 7 views

maltrail

Maltrail is a malicious traffic detection system that utilizes publicly available blacklists containing malicious and/or generally suspicious trails. It also uses optional advanced heuristic mechanisms to help in discovery of unknown threats. The system can be configured to ignore certain events...

AI score: 6.9
Exploits: 0
Hacker One
added 2020/03/07 8:10 p.m. | 31 views

Urban Dictionary: Bypass voting restriction due to HTTP Header Injection

It is possible to bypass the voting restriction by adding a specially crafted HTTP header. The underlying algorithm uses the IP address to restrict the voting of a user. However, by manipulating the IP address via adding the HTTP header "X-Forwarded-For" it is possible to vote an entry up or down...

AI score: 0.9
Exploits: 0
OSV
added 2020/02/13 3:15 p.m. | 3 views

CVE-2020-0017

In multiple places, it was possible for the primary user’s dictionary to be visible to and modifiable by secondary users. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8...

CVSS: 4.4 | AI score: 5.9 | EPSS: 0.00176
Exploits: 0 | References: 1
RedhatCVE
added 2020/01/25 10:2 p.m. | 21 views

CVE-2018-5389

It was found that IKEv1 and potentially IKEv2 authentication when using a pre-shared key (PSK) is vulnerable to offline dictionary attacks in Main Mode as well as in Aggressive Mode. A man-in-the-middle attacker who intercepted the handshake of two peers authenticating with a PSK, could apply a...

CVSS: 5.9 | AI score: 3.9 | EPSS: 0.03038
Exploits: 1 | References: 2
Openbugbounty
added 2020/01/24 6:51 p.m. | 10 views

urdu.english-dictionary.help Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1074225. Security Researcher MrRain1996 (helped patch 1007 vulnerabilities, received 5 Coordinated Disclosure badges, received 9 recommendations), a holder of 5 badges for responsible and coordinated disclosure, found a security vulnerability affecting...

AI score: 0.2
Exploits: 0
OpenVAS
added 2020/01/23 12:0 a.m. | 30 views

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-2303)

The remote host is missing an update for the Huawei EulerOS...

CVSS: 5.4 | AI score: 6.4 | EPSS: 0.02355
Exploits: 1 | References: 2
OpenVAS
added 2020/01/23 12:0 a.m. | 21 views

Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2016-1059)

The remote host is missing an update for the Huawei EulerOS...

CVSS: 9.3 | AI score: 7.7 | EPSS: 0.04557
Exploits: 0 | References: 2
Mageia
added 2020/01/05 3:37 p.m. | 40 views

Updated freeradius packages fix security vulnerabilities

Updated freeradius packages fix security vulnerabilities: It was discovered freeradius does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a...

CVSS: 7.5 | AI score: 1.7 | EPSS: 0.02168
Exploits: 4 | References: 4
Prion
added 2020/01/03 8:15 p.m. | 14 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in bsi.dll in Bank Soft Systems (BSS) RBS BS-Client. Private Client (aka RBS BS-Client. Retail Client) 2.5, 2.4, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) DICTIONARY, (2) FILTERIDENT, (3) FROMSCHEME, (4) FromPoint, ...

CVSS: 4.3 | AI score: 6 | EPSS: 0.00806
Exploits: 1 | References: 1 | Affected Software: 1