15 matches found
CVE-2022-23690
A vulnerability in the web-based management interface of AOS-CX could allow a remote unauthenticated attacker to fingerprint the exact version AOS-CX running on the switch. This allows an attacker to retrieve information which could be used to more precisely target the switch for further...
CVE-2019-18850
TrevorC2 v1.1/v1.2 fails to prevent fingerprinting primarily via a discrepancy between response headers when responding to different HTTP methods, also via predictible responses when accessing and interacting with the "SITEPATHQUERY"...
CVE-2019-11641
Anomali Agave formerly Drupot through 1.0.0 fails to avoid fingerprinting by including predictable data and minimal variation in size within HTML templates, giving attackers the ability to detect and avoid this system...
EUVD-2017-1588
Malware in sbrugna...
CVE-2025-41657 AUMA: Incorrect delivery status of the Bluetooth configuration
Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker...
CVE-2025-41657
CVE-2025-41657 concerns an undocumented active Bluetooth stack that enables fingerprinting by an unauthenticated adjacent attacker. Connected sources tie this to AUMA PROFOX and AUMA AC1.2 (and related products) with affected delivery window 01-01-2024 to 09-05-2025. The underlying issue is the p...
CVE-2017-1000461
Brave Software's Brave Browser, version 0.19.73 and earlier is vulnerable to an incorrect access control issue in the "JS fingerprinting blocking" component, resulting in a malicious website being able to access the fingerprinting-associated browser functionality that the browser intends to block...
DEBIAN-CVE-2024-9398
By checking the result of calls to window.open with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...
14Finger Security Vulnerability
14Finger is a full-featured Web fingerprinting and sharing platform by b1ackc4t individual developers. A security vulnerability exists in 14Finger v1.1, which stems from the inclusion of a Remote Command Execution RCE vulnerability in the fingerprinting functionality that allows an attacker to...
CVE-2024-27850
This issue was addressed with improvements to the noise injection algorithm. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, visionOS 1.2. A maliciously crafted webpage may be able to fingerprint the user...
CVE-2024-27830
This issue was addressed through improved state management. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. A maliciously crafted webpage may be able to fingerprint the user...
CVE-2024-27850
This issue was addressed with improvements to the noise injection algorithm. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, visionOS 1.2. A maliciously crafted webpage may be able to fingerprint the user...
CVE-2024-27838
The issue was addressed by adding additional logic. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. A maliciously crafted webpage may be able to fingerprint the user...
Apple iOS and iPadOS Security Vulnerabilities
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 16.7.8 and iPadOS version 16.7.8, which originates from a maliciously...
Debian DSA-4062-1 : firefox-esr - security update
It was discovered that the Private Browsing mode in the Mozilla Firefox web browser allowed to fingerprint a user across multiple sessions via IndexedDB. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...