Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2010-2129

Malware in sbrugna...

3.5CVSS6.4AI score0.00693EPSS
Exploits1References5
NVD
NVD
added 2024/04/03 3:15 p.m.25 views

CVE-2024-28275

Puwell Cloud Tech Co, Ltd 360Eyes Pro v3.9.5.163090516 was discovered to transmit sensitive information in cleartext. This vulnerability allows attackers to intercept and access sensitive information, including users' credentials and password change requests...

6.5CVSS6.6AI score0.00324EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/03 12:0 a.m.9 views

PT-2024-22374 · Puwell Cloud Tech Co · 360Eyes Pro

Name of the Vulnerable Software and Affected Versions: Puwell Cloud Tech Co, Ltd 360Eyes Pro version 3.9.5.16 Description: The issue allows attackers to intercept and access sensitive information because it transmits this data in cleartext. This includes users' credentials and password change...

6.5CVSS7AI score0.00324EPSS
Exploits0References3
Veracode
Veracode
added 2024/01/29 7:10 a.m.26 views

Host Header Injection

pimcore/admin-ui-classic-bundle is vulnerable to Host Header Injection. The vulnerability is due to missing Host header validation. An attacker can a send password change requests to a user, specifying a "Host" header of a website they control, resulting in them receiving the password token,...

8.8CVSS6.9AI score0.00827EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/11/04 12:0 a.m.56 views

CVE-2023-46380

LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions send password-change requests via cleartext HTTP...

8AI score0.02521EPSS
Exploits2References4
Microsoft KB
Microsoft KB
added 2016/11/08 12:0 a.m.45 views

MS16-137: Security update for Windows authentication methods: November 8, 2016

Resolves a vulnerability in Windows that could allow elevation of privilege.SummaryThis security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege. To exploit this vulnerability, the attacker would first have to...

6.7AI score
Exploits0
NVD
NVD
added 2015/04/10 2:59 p.m.20 views

CVE-2015-1147

Open Directory Client in Apple OS X before 10.10.3 sends unencrypted password-change requests in certain circumstances involving missing certificates, which allows remote attackers to obtain sensitive information by sniffing the network...

5CVSS6.3AI score0.0161EPSS
Exploits1References4
Cvelist
Cvelist
added 2015/04/10 2:0 p.m.23 views

CVE-2015-1147

Open Directory Client in Apple OS X before 10.10.3 sends unencrypted password-change requests in certain circumstances involving missing certificates, which allows remote attackers to obtain sensitive information by sniffing the network...

6.3AI score0.0161EPSS
Exploits1References4
Prion
Prion
added 2013/10/28 3:42 a.m.16 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in login.jsp in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to hijack the authentication of arbitrary users for requests that change a password...

6.8CVSS7.7AI score0.00619EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2010/06/25 7:0 p.m.22 views

CVE-2009-4906

Cross-site request forgery CSRF vulnerability in index.php in Acc PHP eMail 1.1 allows remote attackers to hijack the authentication of administrators for requests that change passwords...

7.2AI score0.01068EPSS
Exploits1References4
Rows per page
Query Builder