Lucene search
K

1555 matches found

OSV
OSV
added 2019/12/18 6:15 p.m.0 views

CVE-2019-8662

This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary...

9.8CVSS5.7AI score0.09776EPSS
Exploits2References4
Hacker One
Hacker One
added 2019/11/24 10:24 a.m.157 views

Internet Bug Bounty: Dragonblood: Design and Implementation Flaws in WPA3 and EAP-pwd

Full background information is at our website and detailed information can be found in our research paper. Vulnerability Summary First Disclosure Summarized, the Dragonfly handshake of WPA3 and EAP-pwd is supposed to prevent dictionary attacks. However, we discovered design flaws that still enabl...

7.5CVSS8AI score0.07624EPSS
Exploits1
OSV
OSV
added 2019/11/12 10:15 p.m.8 views

CVE-2010-3440

babiloo 2.0.9 before 2.0.11 creates temporary files with predictable names when downloading and unpacking dictionary files, allowing a local attacker to overwrite arbitrary files...

5.5CVSS6.6AI score0.00256EPSS
Exploits0References3
CVE
CVE
added 2019/11/12 9:26 p.m.70 views

CVE-2010-3440

CVE-2010-3440 affects Babiloo, specifically version 2.0.9 prior to 2.0.11. The flaw arises when downloading and unpacking dictionary files: the program creates temporary files with predictable names, enabling a local attacker to overwrite arbitrary files on the host. Impact is local, with potenti...

5.5CVSS5.4AI score0.00256EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2019/11/06 10:15 a.m.2 views

DEBIAN-CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

5.4CVSS5.8AI score0.02084EPSS
Exploits0References1
OSV
OSV
added 2019/11/06 10:15 a.m.2 views

ALPINE-CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

5.4CVSS6.5AI score0.02084EPSS
Exploits0References1
OSV
OSV
added 2019/11/06 10:15 a.m.20 views

CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

5.4CVSS6.5AI score0.02084EPSS
Exploits0References9
Prion
Prion
added 2019/11/06 10:15 a.m.24 views

Default credentials

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

4.9CVSS4.6AI score0.02084EPSS
Exploits0References9Affected Software3
Debian CVE
Debian CVE
added 2019/11/06 12:0 a.m.31 views

CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

5.4CVSS5.4AI score0.02084EPSS
Exploits0
Cvelist
Cvelist
added 2019/11/06 12:0 a.m.24 views

CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

4.2CVSS6AI score0.02084EPSS
Exploits0References9
CVE
CVE
added 2019/11/06 12:0 a.m.544 views

CVE-2019-14833

CVE-2019-14833 affects Samba, specifically the AD DC password handling where a custom script for password complexity may fail to verify non‑ASCII passwords, potentially allowing weak passwords and dictionary attacks. Affected releases include Samba 4.5.0 up to but not including 4.9.15, and also 4...

5.4CVSS5.9AI score0.02084EPSS
Exploits0References9Affected Software1
CNVD
CNVD
added 2019/11/04 12:0 a.m.18 views

Memory corruption vulnerability in python dict objects

Python is a cross-platform computer programming language. A memory corruption vulnerability exists in python dict objects, which can be exploited by an attacker to cause a denial of service on a server...

6.9AI score
Exploits0
UbuntuCve
UbuntuCve
added 2019/10/29 12:0 a.m.26 views

CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

5.4CVSS6.3AI score0.02084EPSS
Exploits0References3
OSV
OSV
added 2019/10/29 12:0 a.m.2 views

UBUNTU-CVE-2019-14833

A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...

5.4CVSS6.2AI score0.02084EPSS
Exploits0References4
CNVD
CNVD
added 2019/10/23 12:0 a.m.3 views

D-Link DAP-1320 Authorization Issues Vulnerability

The D-Link DAP-1320 is a wireless signal extender from AUO D-Link of Taiwan, China. A security vulnerability exists in the D-Link DAP-1320 A2-V1.21 version, which originates from some web interfaces that do not require authentication. An attacker could obtain the user's Wi-Fi SSID and password to...

7.5CVSS7AI score0.01685EPSS
Exploits1References1
NVD
NVD
added 2019/10/14 6:15 p.m.9 views

CVE-2019-12941

AutoPi Wi-Fi/NB and 4G/LTE devices before 2019-10-15 allows an attacker to perform a brute-force attack or dictionary attack to gain access to the WiFi network, which provides root access to the device. The default WiFi password and WiFi SSID are derived from the same hash function output input i...

10CVSS9.7AI score0.02377EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/10/14 5:2 p.m.13 views

CVE-2019-12941

AutoPi Wi-Fi/NB and 4G/LTE devices before 2019-10-15 allows an attacker to perform a brute-force attack or dictionary attack to gain access to the WiFi network, which provides root access to the device. The default WiFi password and WiFi SSID are derived from the same hash function output input i...

9.8AI score0.02377EPSS
Exploits1References3
CVE
CVE
added 2019/10/14 5:2 p.m.95 views

CVE-2019-12941

Summary : CVE-2019-12941 affects AutoPi Wi‑Fi/NB and AutoPi 4G/LTE devices prior to 2019-10-15. The default WiFi password and WiFi SSID are derived from the same hash function output using an 8‑character input, enabling an attacker to perform brute‑force or dictionary attacks to gain access to th...

10CVSS9.6AI score0.02377EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2019/10/11 8:15 p.m.14 views

Authentication flaw

D-Link DAP-1320 A2-V1.21 routers have some web interfaces without authentication requirements, as demonstrated by uplinkinfo.xml. An attacker can remotely obtain a user's Wi-Fi SSID and password, which could be used to connect to Wi-Fi or perform a dictionary attack...

5CVSS7.6AI score0.01685EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/10/11 7:28 p.m.20 views

CVE-2019-17505

D-Link DAP-1320 A2-V1.21 routers have some web interfaces without authentication requirements, as demonstrated by uplinkinfo.xml. An attacker can remotely obtain a user's Wi-Fi SSID and password, which could be used to connect to Wi-Fi or perform a dictionary attack...

7.6AI score0.01685EPSS
Exploits1References1
Rows per page
Query Builder