Lucene search
K

403 matches found

CVE
CVE
added 2017/03/27 9:0 p.m.44 views

CVE-2017-5237

CVE-2017-5237 affects the Eview EV-07S GPS Tracker. The issue stems from a lack of authentication, allowing an unauthenticated user who knows the device’s phone number to revert it to factory default via an SMS command (“RESET!”). This corresponds to a high impact on availability (CVSSv3: 7.5) wi...

7.8CVSS7.5AI score0.02013EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/03/27 9:0 p.m.16 views

CVE-2017-5238

Due to a lack of bounds checking, several input configuration fields for the Eview EV-07S GPS Tracker will overflow data stored in one variable to another, overwriting the data of another field...

5.4AI score0.00886EPSS
Exploits0References2
CVE
CVE
added 2017/03/27 9:0 p.m.44 views

CVE-2017-5239

CVE-2017-5239 concerns the Eview EV-07S GPS Tracker, where information disclosure occurs due to a lack of standard encryption when transmitting sensitive data (e.g., GPS data, IMEI) to a centralized monitoring service. The vulnerability implies potential MITM exposure of PII over the network. The...

7.5CVSS7.3AI score0.00485EPSS
Exploits0References2Affected Software1
The Hacker News
The Hacker News
added 2017/03/24 10:22 a.m.14 views

Google Chrome to Distrust Symantec SSLs for Mis-issuing 30,000 EV Certificates

Google announced its plans to punish Symantec by gradually distrusting its SSL certificates after the company was caught improperly issuing 30,000 Extended Validation EV certificates over the past few years. The Extended Validation EV status of all certificates issued by Symantec-owned certificat...

6.4AI score
Exploits0
CNVD
CNVD
added 2016/12/05 12:0 a.m.7 views

BlueZ read-across-the-border vulnerability (CNVD-2016-11953)

BlueZ is an official Bluetooth stack for Linux. A security vulnerability exists in the 'lemetaevdump' function in the tools/parser/hci.c source file of BlueZ version 5.42. An attacker can exploit this vulnerability to read data across boundaries...

5.3CVSS8.7AI score0.02473EPSS
Exploits1References1
OSV
OSV
added 2016/12/03 6:59 a.m.5 views

UBUNTU-CVE-2016-9803

In BlueZ 5.42, an out-of-bounds read was observed in "lemetaevdump" function in "tools/parser/hci.c" source file. This issue exists because 'subevent' which is used to read correct element from 'evlemetastr' array is overflowed...

5.3CVSS6.4AI score0.02473EPSS
Exploits1References3
CVE
CVE
added 2014/07/08 10:0 p.m.56 views

CVE-2014-2783

CVE-2014-2783 affects Microsoft Internet Explorer 7–11. Description confirms a security feature bypass: IE fails to prevent the use of wildcard EV SSL certificates, enabling remote attackers to spoof a site’s trust level by exploiting an EV certificate issuance issue. Impact described in sources ...

6.4CVSS6.5AI score0.08622EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/07/08 10:0 p.m.25 views

CVE-2014-2783

Microsoft Internet Explorer 7 through 11 does not prevent use of wildcard EV SSL certificates, which might allow remote attackers to spoof a trust level by leveraging improper issuance of a wildcard certificate by a recognized Certification Authority, aka "Extended Validation EV Certificate...

7.4AI score0.08622EPSS
Exploits0References4
Symantec
Symantec
added 2014/07/08 12:0 a.m.23 views

Microsoft Internet Explorer Extended Validation SSL Certificate Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker may exploit this issue to bypass EV SSL certificate guidelines by using a wildcard certificate. This may aid in further attacks. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Au...

7.5AI score
Exploits0Affected Software5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.9 views

PHPNuke 7.7 EV Search Module SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16186/info PHPNuke EV is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.30 views

FreeHost 1.00 - Upload Vulnerability

No description provided by source. ======================================================================================== | Title : FreeHost Version 1.00 Upload Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -0021377181886...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.33 views

openSUSE Security Update : seamonkey (openSUSE-SU-2014:0008-1)

This update fixes the following security issues with SeaMonkey : - update to SeaMonkey 2.23 bnc854370 - requires NSPR 4.10.2 and NSS 3.15.3.1 - MFSA 2013-104/CVE-2013-5609/CVE-2013-5610 Miscellaneous memory safety hazards - MFSA 2013-105/CVE-2013-5611 bmo771294 Application Installation doorhanger...

10CVSS7.8AI score0.11076EPSS
Exploits13References17
NVD
NVD
added 2014/01/15 4:8 p.m.19 views

CVE-2013-2819

The Sierra Wireless AirLink Raven X EV-DO gateway 42214.0.11.003 and 42284.0.11.003 allows remote attackers to install Trojan horse firmware by leveraging cleartext credentials in a crafted 1 update or 2 reprogramming action...

9.3CVSS6.7AI score0.01866EPSS
Exploits0References2
Prion
Prion
added 2014/01/15 4:8 p.m.13 views

Deserialization of untrusted data

The Sierra Wireless AirLink Raven X EV-DO gateway 42214.0.11.003 and 42284.0.11.003 allows remote attackers to install Trojan horse firmware by leveraging cleartext credentials in a crafted 1 update or 2 reprogramming action...

9.3CVSS7.3AI score0.01866EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2014/01/15 4:8 p.m.13 views

Design/Logic Flaw

The Sierra Wireless AirLink Raven X EV-DO gateway 42214.0.11.003 and 42284.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388...

10CVSS7.2AI score0.039EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/01/15 4:0 p.m.24 views

CVE-2013-2819

The Sierra Wireless AirLink Raven X EV-DO gateway 42214.0.11.003 and 42284.0.11.003 allows remote attackers to install Trojan horse firmware by leveraging cleartext credentials in a crafted 1 update or 2 reprogramming action...

6.7AI score0.01866EPSS
Exploits0References2
CVE
CVE
added 2014/01/15 4:0 p.m.56 views

CVE-2013-2820

CVE-2013-2820 affects Sierra Wireless AirLink Raven X EV-DO gateways (firmware versions V4221_4.0.11.003 and V4228_4.0.11.003). The vulnerability allows remote replay attacks that reprogram the device firmware via UDP ports 17336 and 17388, potentially impacting availability and function. ICS-CER...

10CVSS7AI score0.039EPSS
Exploits0References2Affected Software19
CVE
CVE
added 2014/01/15 4:0 p.m.50 views

CVE-2013-2819

The Sierra Wireless AirLink Raven X EV-DO gateway (versions V4221_4.0.11.003 and V4228_4.0.11.003) is affected by CVE-2013-2819 due to missing encryption of the update/reprogramming process and use of plain text credentials, enabling remote firmware reprogramming and potential denial of service. ...

9.3CVSS7AI score0.01866EPSS
Exploits0References2Affected Software19
OpenVAS
OpenVAS
added 2013/12/23 12:0 a.m.38 views

Mozilla Thunderbird Multiple Vulnerabilities-01 (Dec 2013) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

10CVSS8.2AI score0.11076EPSS
Exploits10References9
OpenVAS
OpenVAS
added 2013/12/17 12:0 a.m.27 views

Ubuntu Update for thunderbird USN-2053-1

Check for the Version of thunderbird OpenVAS Vulnerability Test $Id: gbubuntuUSN20531.nasl 8483 2018-01-22 06:58:04Z teissa $ Ubuntu Update for thunderbird USN-2053-1 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

10CVSS0.6AI score0.11076EPSS
Exploits10References2
Rows per page
Query Builder