Lucene search
+L

102 matches found

Openbugbounty
Openbugbounty
added 2022/07/29 12:51 a.m.22 views

All Vulnerabilities for hazard.iss.nasa.gov Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

0.1AI score
Exploits0
Code423n4
Code423n4
added 2022/04/30 12:0 a.m.14 views

Moral hazard of borrower calling liquidate() and potential Oracle manipulation

Lines of code Vulnerability details Impact In the InceptionVaultsCore contract, the liquidate and liquidatePartial function can be called anyone. This means that the borrower for a specific vaultId can call liquidate or liquidatePartial on his own vault. Furthermore, the project incentivizes...

6.7AI score
Exploits0
OpenVAS
OpenVAS
added 2021/11/11 12:0 a.m.24 views

Mozilla Firefox Security Advisory (MFSA2014-01) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

10CVSS9.6AI score0.06779EPSS
Exploits3References5
OpenVAS
OpenVAS
added 2021/11/11 12:0 a.m.16 views

Mozilla Firefox Security Advisory (MFSA2013-92) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

9.3CVSS6.4AI score0.05908EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2021/09/20 5:15 p.m.8 views

citrinedjangomodule (=1.0.0), cligo (>=1.0.0 <=1.2.1) +24 more potentially affected by CVE-2021-32839 via sqlparse (>=0.4.0 <=0.4.1)

sqlparse PYPI version =0.4.0, =1.0.0, =4.15.0, =1.0.9, =0.0.1, =0.2.0, =0.0.1, =0.14.2, =0.0.6, =0.0.10, =0.0.204 and more Source cves: CVE-2021-32839 Source advisory: OSV:PYSEC-2021-333...

7.5CVSS7AI score0.02295EPSS
Exploits0
CNVD
CNVD
added 2021/09/15 12:0 a.m.14 views

Siemens Desigo CC Series CCOM Communication Component Deserialization Vulnerability

Cerberus DMS is a hazard management station that helps users manage fire safety and security incidents.Desigo CC is an integrated building management platform for managing high-performance buildings.Desigo CC Compact expands the portfolio with solutions tailored for small and medium-sized...

10CVSS9.8AI score0.0189EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2014:0905-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.06329EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/04/29 12:0 a.m.3 views

PT-2021-8038 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.12.0-rc6+ Description: The vulnerability is related to a stack out-of-bounds read in the sch frag function when fragmenting IPv4 packets. This occurs when act mirred tries to fragment IPv4 packets that had bee...

9.4CVSS6.5AI score0.0023EPSS
Exploits0References14
vulnersOsv
vulnersOsv
added 2021/03/19 9:29 p.m.6 views

feature-toggle-manager (>=0.0.1 <=0.0.2), hazard-feed (>=0.2.0 <=0.2.5) potentially affected by CVE-2020-35681 via channels (>=3.0.0 <=3.0.2)

channels PYPI version =3.0.0, =0.0.1, =0.2.0, =0.2.5 Source cves: CVE-2020-35681 Source advisory: OSV:GHSA-V542-8Q9X-CFFC...

7.4CVSS7.1AI score0.02658EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2021/03/16 12:0 a.m.38 views

Siemens Solid Edge Viewer Insufficient UI Warning Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS2.9AI score0.01509EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2021/02/22 3:15 a.m.14 views

feature-toggle-manager (>=0.0.1 <=0.0.2), hazard-feed (>=0.2.0 <=0.2.5) potentially affected by CVE-2020-35681 via channels (>=3.0.0 <=3.0.2)

channels PYPI version =3.0.0, =0.0.1, =0.2.0, =0.2.5 Source cves: CVE-2020-35681 Source advisory: OSV:PYSEC-2021-113...

7.4CVSS7.1AI score0.02658EPSS
Exploits1
Exploit DB
Exploit DB
added 2021/01/22 12:0 a.m.279 views

Selea Targa IP OCR-ANPR Camera - CSRF Add Admin

Exploit Title: Selea Targa IP OCR-ANPR Camera - CSRF Add Admin Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera CSRF Add Admin Exploit Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/12/20 12:0 a.m.3 views

SQL Injection Vulnerability in Geological Hazard Monitoring and Early Warning Internet of Things Platform

The business scope of Beijing Jiangwei Times Technology Co., Ltd. includes: technology promotion services; software design; economic and trade consulting; computer system services; basic software services and so on. There is a SQL injection vulnerability in the geological disaster monitoring and...

7.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2020/03/12 1:15 p.m.4 views

bitcoinq (=0.0.1), bitdust-p2p (>=0.0.2 <=0.0.3) +28 more potentially affected by CVE-2020-10108 via twisted (=20.3.0)

twisted PYPI version =20.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on twisted and may be impacted: - bitcoinq =0.0.1 - bitdust-p2p =0.0.2, =0.3.4, =3.2.2, =0.3.0a0, =0.1.0, =0.2.0, =1.0.0, =0.5.0, =0.9.0, =2.1.0b2, =1.0.2, =1.0.9 - pade =2.2.4 a...

9.8CVSS7.4AI score0.03973EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/03/12 1:15 p.m.6 views

bitcoinq (=0.0.1), bitdust-p2p (>=0.0.2 <=0.0.3) +28 more potentially affected by CVE-2020-10109 via twisted (=20.3.0)

twisted PYPI version =20.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on twisted and may be impacted: - bitcoinq =0.0.1 - bitdust-p2p =0.0.2, =0.3.4, =3.2.2, =0.3.0a0, =0.1.0, =0.2.0, =1.0.0, =0.5.0, =0.9.0, =2.1.0b2, =1.0.2, =1.0.9 - pade =2.2.4 a...

9.8CVSS7.4AI score0.03208EPSS
Exploits1
Hacker One
Hacker One
added 2020/03/09 5:14 a.m.153 views

Nord Security: Account deletion requests not entirely honoured. Misinformation even after seeking clarification from customer support.

Summary: Requesting account deletion from NordVPN customer support that is supposed to have "removed your account from our database." does not truly remove account from database. Even after asking if critical information such a billing information is removed, which customer support confirms...

6.4AI score
Exploits0
Schneier on Security
Schneier on Security
added 2019/09/10 11:23 a.m.49 views

On Cybersecurity Insurance

Good paper on cybersecurity insurance: both the history and the promise for the future. From the conclusion: Policy makers have long held high hopes for cyber insurance as a tool for improving security. Unfortunately, the available evidence so far should give policymakers pause. Cyber insurance...

1.3AI score
Exploits0
Prion
Prion
added 2019/07/23 2:15 p.m.22 views

Design/Logic Flaw

Due to an error while parsing page content, it is possible for properly sanitized user input to be misinterpreted and lead to XSS hazards on web sites in certain circumstances. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...

4.3CVSS6.5AI score0.01502EPSS
Exploits0References13Affected Software3
ThreatPost
ThreatPost
added 2019/07/12 1:50 p.m.224 views

Hacked Hair Straighteners Can Threaten Homes

Researchers have found a way to successfully hack connected hair straighteners to turn them on and increase the heating element up to its maximum temperature—causing a serious fire hazard for unsuspecting owners. Pen Test Partners decided to put the Glamoriser hair straightener through its securi...

7.5AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/05/21 2:22 p.m.73 views

Millions of Golfers Land in Privacy Hazard After Cloud Misconfig

Finding cloud databases with sensitive information left open to the internet has become par for the course these days – as a new exposure of millions of sensitive data points for the users of a golf app demonstrates. Millions of golfer records from the Game Golf app, including GPS details from...

7AI score
Exploits0References6
Rows per page
Query Builder