Lucene search
+L

193 matches found

Prion
Prion
added 2019/05/07 8:29 p.m.12 views

Design/Logic Flaw

A vulnerability in Parsec Windows 142-0 and Parsec 'Linux Ubuntu 16.04 LTS Desktop' Build 142-1 allows unauthorized users to maintain access to an account...

7.5CVSS9.2AI score0.0146EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/05/07 7:28 p.m.43 views

CVE-2018-6634

The CVE-2018-6634 entry concerns Parsec on Windows (142-0) and Parsec for Linux Ubuntu 16.04 LTS Desktop (Build 142-1). The vulnerability allows unauthorized users to maintain access to an account. Per NVD, CVSS scores indicate high to critical impact (CVSSv2 base score 7.5; CVSSv3 base score 9.8...

9.8CVSS9.1AI score0.0146EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/05/07 7:28 p.m.19 views

CVE-2018-6634

A vulnerability in Parsec Windows 142-0 and Parsec 'Linux Ubuntu 16.04 LTS Desktop' Build 142-1 allows unauthorized users to maintain access to an account...

9.3AI score0.0146EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/02/07 12:0 a.m.4 views

The vulnerability of Samba software on the Astra Linux operating system, which allows a hacker to trigger a service failure.

The vulnerability of Samba software on the Astra Linux operating system is related to the absence of the necessary privilege PARSECCAPSIG for the smbd process. Exploiting this vulnerability can allow a malicious actor to cause service interruptions. source-iocs-preserved const=PARSECCAPSIG...

4.3CVSS5.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2018/12/27 12:0 a.m.8 views

The vulnerability of the libparsec-common-qt5 package on the Astra Linux operating system allows a hacker to access confidential data and trigger a service failure.

The vulnerability of the libparsec-common-qt5 package in the Astra Linux operating system is related to an error in the interaction with LDAP through parsec calls when retrieving user security attributes. Exploiting this vulnerability allows a remote attacker to gain access to information about a...

4.7CVSS5.6AI score
Exploits0
Prion
Prion
added 2018/02/05 10:29 p.m.14 views

Design/Logic Flaw

In the uncurlwsaccept function in uncurl.c in uncurl before 0.07, as used in Parsec before 140-3, insufficient Origin header validation accepting an arbitrary substring match for WebSocket API requests allows remote attackers to bypass intended access restrictions. In Parsec, this means full...

9.3CVSS8.7AI score0.02122EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2018/02/05 10:29 p.m.15 views

CVE-2018-6651

In the uncurlwsaccept function in uncurl.c in uncurl before 0.07, as used in Parsec before 140-3, insufficient Origin header validation accepting an arbitrary substring match for WebSocket API requests allows remote attackers to bypass intended access restrictions. In Parsec, this means full...

9.3CVSS8.8AI score0.02122EPSS
Exploits0References3
OSV
OSV
added 2018/02/05 10:29 p.m.5 views

CVE-2018-6651

In the uncurlwsaccept function in uncurl.c in uncurl before 0.07, as used in Parsec before 140-3, insufficient Origin header validation accepting an arbitrary substring match for WebSocket API requests allows remote attackers to bypass intended access restrictions. In Parsec, this means full...

8.8CVSS5.9AI score0.02122EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/02/05 10:0 p.m.14 views

CVE-2018-6651

In the uncurlwsaccept function in uncurl.c in uncurl before 0.07, as used in Parsec before 140-3, insufficient Origin header validation accepting an arbitrary substring match for WebSocket API requests allows remote attackers to bypass intended access restrictions. In Parsec, this means full...

8.8AI score0.02122EPSS
Exploits0References3
CVE
CVE
added 2018/02/05 10:0 p.m.43 views

CVE-2018-6651

CVE-2018-6651 affects uncurl (uncurl.c) in uncurl before 0.07, as used in Parsec before 140-3. The issue is insufficient Origin header validation for WebSocket API requests (accepting an arbitrary substring match), which enables remote attackers to bypass access restrictions and, in Parsec, could...

9.3CVSS8.6AI score0.02122EPSS
Exploits0References3Affected Software1
Openbugbounty
Openbugbounty
added 2016/01/21 11:7 a.m.22 views

traksys.parsec-corp.com XSS vulnerability

Vulnerable URL: http://traksys.parsec-corp.com/m/forums/Tags.aspx?Tag=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 23.11.2017 Latest check for patch:| 23.11.2017 20:25 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Ale...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/12/03 5:4 a.m.12 views

hgtvgardens.com Cross Site Scripting vulnerability OBB-112202

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| hgtvgardens.com ---|--- Open Bug Bounty...

6.3AI score
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.23 views

Debian Security Advisory DSA 079-2 (uucp)

The remote host is missing an update to uucp announced via advisory DSA 079-2. OpenVAS Vulnerability Test $Id: deb0792.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 079-2 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

7.2CVSS0.2AI score0.01077EPSS
Exploits1
Rows per page
Query Builder