Lucene search
K

54 matches found

Positive Technologies
Positive Technologies
added 2024/02/19 12:0 a.m.4 views

PT-2024-7724 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the netlink component of the Linux kernel, where the validation code reads past a malformed attribute due to a missing size in the minlen array for NLA BE32. Th...

9.1CVSS6.7AI score0.01219EPSS
Exploits11References914
OSV
OSV
added 2023/09/30 9:15 p.m.8 views

CVE-2023-43715

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "ENTRYFIRSTNAMEMINLENGTHTITLE1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

5.4CVSS5.9AI score0.00431EPSS
Exploits1References2
OSV
OSV
added 2022/10/29 7:0 p.m.30 views

GHSA-2RR3-RV49-P42F phpMyFAQ contains Weak Password Requirements

phpMyFAQ prior to version 3.1.8 has Weak Password Requirements. Version 3.1.8 introduces an eight-character minimum password length...

9.8CVSS9.5AI score0.01139EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/10/29 7:0 p.m.34 views

phpMyFAQ contains Weak Password Requirements

phpMyFAQ prior to version 3.1.8 has Weak Password Requirements. Version 3.1.8 introduces an eight-character minimum password length...

9.8CVSS9.1AI score0.01139EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2021/01/13 7:13 p.m.15 views

GHSA-V5RV-HPXG-8X49 Signature validation bypass in ServiceStack

ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature...

5.3CVSS5.2AI score0.02325EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2021/01/13 7:13 p.m.68 views

Signature validation bypass in ServiceStack

ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature...

5.3CVSS5.5AI score0.02325EPSS
Exploits1References8Affected Software1
The Hacker News
The Hacker News
added 2021/01/07 10:23 a.m.5 views

How Does Your AD Password Policy Compare to NIST's Password Recommendations?

End-user passwords are one of the weakest components of your overall security protocols. Most users tend to reuse passwords across work and personal accounts. They may also choose relatively weak passwords that satisfy company password policies but can be easily guessed or brute-forced. Your user...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2020/12/08 12:0 a.m.10 views

Buffer Error Vulnerability in Multiple Qualcomm Products

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are manufactured from time to time on the surface of semiconductor wafers. A buffer error vulnerability exists in multiple Qualcomm products...

9.1CVSS7.4AI score0.00879EPSS
Exploits0References4
OSV
OSV
added 2020/11/02 9:15 p.m.17 views

CVE-2020-28042

ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature...

5.3CVSS6.9AI score
Exploits0References4
NVD
NVD
added 2020/11/02 9:15 p.m.25 views

CVE-2020-28042

ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature...

5.3CVSS5.3AI score0.02325EPSS
Exploits1References4
Prion
Prion
added 2020/11/02 9:15 p.m.20 views

Code injection

ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature...

5CVSS5.3AI score0.02325EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2020/11/01 4:50 a.m.34 views

CVE-2020-28042

ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature...

5.3AI score0.02325EPSS
Exploits1References4
OSV
OSV
added 2017/03/23 8:59 p.m.3 views

DEBIAN-CVE-2015-8626

The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 generates passwords smaller than $wgMinimalPasswordLength, which makes it easier for remote attackers to obtain access via a brute-force attack...

9.8CVSS6.8AI score0.01888EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2009/12/10 12:0 a.m.24 views

Mandriva Security Advisory MDVSA-2009:318 (xmlsec1)

The remote host is missing an update to xmlsec1 announced via advisory MDVSA-2009:318. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

6.9CVSS7.6AI score0.06348EPSS
Exploits1References2
Rows per page
Query Builder