Lucene search
K

612 matches found

CVE
CVE
added 2019/11/14 4:24 p.m.39 views

CVE-2019-15338

The CVE-2019-15338 entry concerns Lava Iris 88 Lite (build fingerprint LAVA/iris88_lite/iris88_lite:8.1.0/O11019/1536323070:user/release-keys}). A pre-installed app with package name com.android.lava.powersave (versionCode 400, versionName v4.0.27) exposes an interface that lets any co-located ap...

3.3CVSS4AI score0.00248EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/11/14 4:24 p.m.27 views

CVE-2019-15338

The Lava Iris 88 Lite Android device with a build fingerprint of LAVA/iris88lite/iris88lite:8.1.0/O11019/1536323070:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app versionCode=400, versionName=v4.0.27 that allows any app co-located on the devic...

3.8AI score0.00248EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/14 4:24 p.m.16 views

CVE-2019-15334

The Lava Iris 88 Go Android device with a build fingerprint of LAVA/iris88go/iris88go:8.1.0/O11019/1538188945:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app versionCode=400, versionName=v4.0.27 that allows any app co-located on the device to...

3.8AI score0.00248EPSS
Exploits0References1
CVE
CVE
added 2019/11/14 4:24 p.m.41 views

CVE-2019-15334

The CVE-2019-15334 entry concerns the Lava Iris 88 Go Android device. A pre-installed app (package com.android.lava.powersave, versionCode 400, versionName v4.0.27) exposes an interface that lets any co-located app programmatically disable and enable Wi‑Fi without the required access permission. ...

3.3CVSS4AI score0.00248EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/11/12 5:15 p.m.1 views

CVE-2019-18925

Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication...

9.8CVSS7.3AI score0.01438EPSS
Exploits0References1
NVD
NVD
added 2019/11/12 5:15 p.m.13 views

CVE-2019-18924

Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By manipulating variables that reference files with ../ and variations, it is possible to list all the directories and check if a particular file exists...

5.3CVSS5.3AI score0.01299EPSS
Exploits0References1
NVD
NVD
added 2019/11/12 5:15 p.m.23 views

CVE-2019-18926

Systematic IRIS Standards Management ISM v2.1 SP1 89 is vulnerable to unauthenticated reflected Cross Site Scripting XSS. A user input related to dialog information is reflected directly in the web page, allowing a malicious user to conduct a Cross Site Scripting attack against users of the...

6.1CVSS6.2AI score0.00649EPSS
Exploits0References1
OSV
OSV
added 2019/11/12 5:15 p.m.2 views

CVE-2019-18924

Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By manipulating variables that reference files with ../ and variations, it is possible to list all the directories and check if a particular file exists...

5.3CVSS6.1AI score
Exploits0References1
OSV
OSV
added 2019/11/12 5:15 p.m.3 views

CVE-2019-18926

Systematic IRIS Standards Management ISM v2.1 SP1 89 is vulnerable to unauthenticated reflected Cross Site Scripting XSS. A user input related to dialog information is reflected directly in the web page, allowing a malicious user to conduct a Cross Site Scripting attack against users of the...

6.1CVSS6.3AI score0.00649EPSS
Exploits0References1
NVD
NVD
added 2019/11/12 5:15 p.m.20 views

CVE-2019-18925

Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication...

9.8CVSS9.5AI score0.01438EPSS
Exploits0References1
Prion
Prion
added 2019/11/12 5:15 p.m.12 views

Authentication flaw

Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication...

7.5CVSS9.4AI score0.01438EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/11/12 5:15 p.m.13 views

Cross site scripting

Systematic IRIS Standards Management ISM v2.1 SP1 89 is vulnerable to unauthenticated reflected Cross Site Scripting XSS. A user input related to dialog information is reflected directly in the web page, allowing a malicious user to conduct a Cross Site Scripting attack against users of the...

4.3CVSS6.1AI score0.00649EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/11/12 5:15 p.m.15 views

Directory traversal

Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By manipulating variables that reference files with ../ and variations, it is possible to list all the directories and check if a particular file exists...

5CVSS5.3AI score0.01299EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/11/12 4:15 p.m.40 views

CVE-2019-18925

The records consistently identify an authentication bypass in Systematic IRIS WebForms 5.4, where “its functionalities can be accessed and used without any form of authentication.” Red Hat and NVD corroborate this as CVE-2019-18925, with a high/critical impact profile (CVSS v3.1: CRITICAL, base s...

9.8CVSS9.4AI score0.01438EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/11/12 4:15 p.m.24 views

CVE-2019-18925

Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication...

9.6AI score0.01438EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/12 4:15 p.m.22 views

CVE-2019-18926

Systematic IRIS Standards Management ISM v2.1 SP1 89 is vulnerable to unauthenticated reflected Cross Site Scripting XSS. A user input related to dialog information is reflected directly in the web page, allowing a malicious user to conduct a Cross Site Scripting attack against users of the...

6.2AI score0.00649EPSS
Exploits0References1
CVE
CVE
added 2019/11/12 4:15 p.m.34 views

CVE-2019-18926

CVE-2019-18926 affects Systematic IRIS Standards Management (ISM) v2.1 SP1 89. It is vulnerable to unauthenticated reflected XSS via a user input (dialog information) reflected in the page. The Red Hat/NVD entries confirm the same description. No explicit exploit details or remediation are provid...

6.1CVSS6.1AI score0.00649EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/11/12 4:15 p.m.37 views

CVE-2019-18924

CVE-2019-18924 affects IRIS WebForms 5.4. The root cause is a directory-traversal flaw: manipulating file-referencing variables with ../ and variations allows listing directories and checking for file existence. Exploitation or in-wild details are not provided in the connected documents. Remediat...

5.3CVSS5.2AI score0.01299EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/11/12 4:15 p.m.21 views

CVE-2019-18924

Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By manipulating variables that reference files with ../ and variations, it is possible to list all the directories and check if a particular file exists...

5.3AI score0.01299EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2019/09/05 6:50 p.m.8 views

regiocast.api.iris.radiorepo.io Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-956839 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

0.6AI score
Exploits0
Rows per page
Query Builder