Lucene search
K

158 matches found

VMware
VMware
added 2017/03/02 12:0 a.m.512 views

Horizon DaaS update addresses an insecure data validation issue

a. Horizon DaaS insecure data validation Horizon DaaS contains a vulnerability that exists due to insufficient validation of data. An attacker may exploit this issue by tricking DaaS client users into connecting to a malicious server and sharing all their drives and devices. Successful exploitati...

7.1CVSS1AI score0.01148EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2016/06/15 12:0 a.m.1091 views

RMI Java Deserialization RCE Vulnerability (Jun 2016) - Active Check

The remote host is affected by a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

10CVSS9.5AI score0.13268EPSS
Exploits2References1
BDU FSTEC
BDU FSTEC
added 2015/10/01 12:0 a.m.5 views

The vulnerability of the iOS operating system, which allows a hacker to obtain the user’s email address

The vulnerability of the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, operating remotely, to obtain the user’s email address through a specially crafted application for the Game Center...

4.3CVSS5.5AI score0.0145EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2015/09/16 2:59 p.m.11 views

Design/Logic Flaw

The tweetinfo function in class/functions.php in the SecureMoz Security Audit plugin 1.0.5 and earlier for WordPress does not use an HTTPS session for downloading serialized data, which allows man-in-the-middle attackers to conduct PHP object injection attacks and execute arbitrary PHP code by...

6.8CVSS8.1AI score0.01907EPSS
Exploits1References3Affected Software1
securityvulns
securityvulns
added 2015/03/21 12:0 a.m.54 views

EMC M&R multiple security vulnerabilities

Crossite scripting, insecure data storage, directory traversal, unrestricted files upload...

6.5CVSS2.1AI score0.07647EPSS
Exploits18References7
Hacker One
Hacker One
added 2015/01/22 11:40 a.m.48 views

X (Formerly Twitter): Insecure Data Storage in Vine Android App

Hi Twitter, - Vulnerability Class:OWASP M2 : Insecure Data Storage Every application needs to store something secret, like a website username,password, cookies etc. , internal storage is the place to do it, android sandbox prevents other applications from accessing this data but,In vine android a...

6.7AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

Mod_Auth_OpenID Session Stealing Vulnerability

No description provided by source. https://github.com/paranoid/modauthopenid/blob/master/CVE-2012-2760.markdown Security Advisory 1201 Summary : Session stealing Date : May 2012 Affected versions : all versions prior to modauthopenid-0.7 ID : modauthopenid-1201 CVE reference : CVE-2012-2760 Detai...

2.1CVSS6.5AI score0.01004EPSS
Exploits5
Kitploit
Kitploit
added 2014/02/23 1:8 a.m.23 views

[DVIA] Damn Vulnerable iOS Application

.png Damn Vulnerable iOS App DVIA is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment. This application covers all the common...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2014/02/02 8:46 p.m.10 views

Test your Mobile Hacking and Penetration testing Skills with Damn vulnerable iOS app

Smartphones are powerful and popular, with more than thousands of new mobile apps hitting the market everyday. Apps and mobile devices often rely on consumers' data, including private information, photos, and location, that can be vulnerable to data breaches, surveillance and real-world thieves...

6.7AI score
Exploits0
Packet Storm
Packet Storm
added 2014/01/14 12:0 a.m.56 views

Starbucks 2.6.1 Information Disclosure

Title: CVE-2014-0647 Insecure Data Storage of User Data Elements in Starbucks v2.6.1 iOS mobile application Published: January 13, 2014 Reported to Vendor: December 2013 no direct response CVE Reference: CVE-2014-0647 Credit: This issue was discovered by Daniel E. Wood...

2.1CVSS6.8AI score0.0038EPSS
Exploits1
securityvulns
securityvulns
added 2013/12/30 12:0 a.m.48 views

Song Exporter v2.1.1 RS iOS - File Include Vulnerabilities

Title: CVE-2013-6986 Insecure Data Storage in Subway Ordering for California ZippyYum 3.4 iOS mobile application Published: December 7, 2013 Reported to Vendor: May 2013 CVE Reference: CVE-2013-6986 https://vulners.com/cve/CVE-2013-6986 CVSS v2 Base Score: 4.9 CVSS v2 Vector...

2.1CVSS5.8AI score0.00561EPSS
Exploits1
Packet Storm
Packet Storm
added 2013/12/08 12:0 a.m.35 views

ZippyYum 3.4 Insecure Data Storage

Title: CVE-2013-6986 Insecure Data Storage in Subway Ordering for California ZippyYum 3.4 iOS mobile application Published: DATE Reported to Vendor: May 2013 CVE Reference: CVE-2013-6986 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6986 CVSS v2 Base Score: 4.9 CVSS v2 Vector...

2.1CVSS6.7AI score0.00561EPSS
Exploits1
securityvulns
securityvulns
added 2008/10/06 12:0 a.m.19 views

Mac OS X Mail.App insecure data storage

Encrypted messages are stored in cleartext...

1.8AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2005/10/11 12:0 a.m.30 views

Множественные уязвимости в SimpleViewerAdmin

+++++++++++++++++++++++++++++++++++++++++++++++ Множественные уязвимости в SimpleViewerAdmin +++++++++++++++++++++++++++++++++++++++++++++++ Затронутые продукты: SimpleViewerAdmin v1.7, возможно и более ранние версии. +++++++++++++++++++++++++++++++++++++++++++++++ Описание: SimpleViewerAdmin - э...

0.6AI score
Exploits0
0day.today
0day.today
added 2005/07/11 12:0 a.m.40 views

BlogTorrent <= 0.92 Remote Password Disclosure Exploit

Exploit for unknown platform in category web applications ====================================================== BlogTorrent 14ae696abdca1688dd577fe486c3981f331457b0d7 Password crypt in md5 - d7b82821fe725305bded2fab9e91ed1e0e6fd93bee LazyCrsATGMailDOTcom - pjphemATmyboxDOTit FREE RAFA! FREE RAFA...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2004/12/27 12:0 a.m.23 views

CleanCache v2.19: False Sense of Security

This is a similar if not exact problem that I found with the program Window Washer 5.x by Web Root: http://www.securityfocus.com/archive/1/372717 Publisher: ButtUglySoftware Program Description: CleanCache v.2.19 will clean up your Windows computer, such as IE cache, cookies and temp directories ...

7AI score
Exploits0
NVD
NVD
added 2004/09/16 4:0 a.m.22 views

CVE-2004-0871

Mozilla does not prevent cookies that are sent over an insecure channel HTTP from also being sent over a secure channel HTTPS/SSL in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."...

5CVSS6.6AI score0.01139EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2002/07/31 12:0 a.m.16 views

Trillian 0.x IRC Module - Remote Buffer Overflow

source: https://www.securityfocus.com/bid/5373/info A buffer overflow condition has been reported in the Trillian IRC module. The condition is due to insecure handling of data extracted from server responses. An attacker in control of a malicious server may exploit vulnerable clients who have...

7.4AI score
Exploits0
Rows per page
Query Builder