Lucene search
K

61 matches found

NVD
NVD
added 2026/02/09 4:15 a.m.3 views

CVE-2025-66608

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly validate URLs. An attacker could send specially crafted requests to steal files from the web server. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVR...

8.7CVSS0.00121EPSS
Exploits0References1
OSV
OSV
added 2026/02/09 4:15 a.m.3 views

CVE-2025-66608

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly validate URLs. An attacker could send specially crafted requests to steal files from the web server. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVR...

7.5CVSS5.7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/09 12:0 a.m.5 views

PT-2026-7056

Name of the Vulnerable Software and Affected Versions FAST/TOOLS versions R9.01 through R10.04 Description The software does not properly validate URLs, potentially allowing an attacker to steal files from the web server by sending specially crafted requests. Recommendations Update to a version...

8.7CVSS5.8AI score0.00121EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2026/02/05 12:0 a.m.136 views

📄 Novell GroupWise 8.0 Traversal / Code Injection

Proof of concept exploit for an older vulnerability from 2012 that looks for a directory traversal vulnerability in Novell GroupWise version 8.0 before Support Pack 3 and attempts to upload a webshell if possible...

5CVSS5.3AI score0.75143EPSS
Exploits4
CNNVD
CNNVD
added 2025/11/28 12:0 a.m.2 views

Mustangproject 代码问题漏洞

Mustangproject is an invoice library, validator, and tooling software open-sourced by the ZUGFeRD Community. A code issue vulnerability exists in Mustangproject versions prior to 2.16.3 that stems from allowing file theft via XXE attacks...

2.8CVSS6.7AI score0.00011EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2000-0898

Malware in sbrugna...

5CVSS6.4AI score0.00515EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2023-48481

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00019EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2023-48482

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.0002EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2023-48483

Malicious code in bioql PyPI...

6.1CVSS4.7AI score0.00021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:38 a.m.4 views

CVE-2023-44123

The vulnerability is the use of implicit PendingIntents with the PendingIntent.FLAGMUTABLE set that leads to theft and/or over-write of arbitrary files with system privilege in the Bluetooth "com.lge.bluetoothsetting" app. The attacker's app, if it had access to app notifications, could intercept...

7.8CVSS7AI score0.0002EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:27 a.m.4 views

CVE-2023-44125

The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAGIMMUTABLE set that leads to theft and/or over-write of arbitrary files with system privilege in the Personalized service "com.lge.abba" app. The attacker's app, if it had access to app notifications, could...

7.8CVSS7AI score0.0002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:27 a.m.3 views

CVE-2023-44124

The vulnerability is to theft of arbitrary files with system privilege in the Screen recording "com.lge.gametools.gamerecorder" app in the "com/lge/gametools/gamerecorder/settings/ProfilePreferenceFragment.java" file. The main problem is that the app launches implicit intents that can be...

6.1CVSS7.2AI score0.00021EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/01/15 5:10 a.m.23 views

Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks

Cybersecurity researchers have disclosed multiple security flaws in SimpleHelp remote access software that could lead to information disclosure, privilege escalation, and remote code execution. Horizon3.ai researcher Naveen Sunkavally, in a technical report detailing the findings, said the...

9.9CVSS10AI score0.94049EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.199 views

Android Browser File Theft

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Android Browser File Theft', 'Description' = %q This module steals the cookie, password, and autofill databases from the Browser application on...

7.4AI score
Exploits0
Securelist
Securelist
added 2024/05/22 10:0 a.m.13 views

Stealers, stealers and more stealers

Introduction Stealers are a prominent threat in the malware landscape. Over the past year we published our research into several stealers see here, here and here, and for now, the trend seems to persist. In the past months, we wrote several private reports on stealers as we discovered Acrid a new...

7.7AI score
Exploits0
OSV
OSV
added 2023/09/27 3:19 p.m.1 views

CVE-2023-44124

The vulnerability is to theft of arbitrary files with system privilege in the Screen recording "com.lge.gametools.gamerecorder" app in the "com/lge/gametools/gamerecorder/settings/ProfilePreferenceFragment.java" file. The main problem is that the app launches implicit intents that can be...

3.3CVSS5.9AI score0.00021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/27 1:59 p.m.9 views

CVE-2023-44125 Personalized service - Theft and (over-)write of arbitrary files with system privilege via PendingIntent hijacking

The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAGIMMUTABLE set that leads to theft and/or over-write of arbitrary files with system privilege in the Personalized service "com.lge.abba" app. The attacker's app, if it had access to app notifications, could...

6.1CVSS7AI score0.0002EPSS
Exploits0References1
CVE
CVE
added 2023/09/27 1:52 p.m.51 views

CVE-2023-44123

The CVE-2023-44123 issue affects com.lge.bluetoothsetting and arises from using implicit PendingIntents with PendingIntent.FLAG_MUTABLE, enabling theft/over-write of arbitrary files with system privilege. An attacker’s app with access to notifications could intercept them, redirect to its activit...

7.8CVSS6.6AI score0.0002EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/09/27 1:42 p.m.50 views

CVE-2023-44122

Summary (CVE-2023-44122): The LG LockScreenSettings app suffers a local-privelege issue where implicit intents can be intercepted by other apps on the same device, allowing theft of files via onActivityResult(). The attacker could cause the app to copy a received file to “/data/shared/dw/mycatego...

7.8CVSS6.6AI score0.00019EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/09/27 1:42 p.m.15 views

CVE-2023-44122 LockScreenSettings - Theft arbitrary files with system privilege

The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings "com.lge.lockscreensettings" app in the "com/lge/lockscreensettings/dynamicwallpaper/MyCategoryGuideActivity.java" file. The main problem is that the app launches implicit intents that can be...

6.1CVSS7.8AI score0.00019EPSS
Exploits0References1
Rows per page
Query Builder