CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Android Picasa in Android 3.0 and 2.x through 2.3.4 uses a cleartext HTTP session when transmitting the authToken obtained from ClientLogin, which allows remote attackers to gain privileges and access private pictures and web albums by sniffing the token from connections with picasaweb.google.com...

10CVSS7.3AI score0.0188EPSS

Exploits0References1

OSV•added 2017/12/04 7:29 p.m.•0 views

CVE-2017-12079

Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain arbitrary files via progid field...

7.5CVSS5.9AI score0.00297EPSS

Exploits0References1

Tenable Nessus•added 2017/02/03 12:0 a.m.•26 views

Fedora 24 : shotwell (2017-ddee871dd1)

This release turns on HTTPS encyption all over the publishing plugins. Users using Tumblr and Yandex.Fotki publishing are strongly advised to change their passwords and reauthenticate Shotwell to those services after upgrade. Users of Picasa and Youtube publishing are strongly advised to...

5.5AI score

Exploits0References1

Tenable Nessus•added 2017/02/03 12:0 a.m.•26 views

Fedora 25 : shotwell (2017-8c3c43cc4f)

5.5AI score

Exploits0References1

Tenable Nessus•added 2017/02/02 12:0 a.m.•23 views

FreeBSD : shotwell -- failure to encrypt authentication (5a9b3d70-48e2-4267-b196-83064cb14fe0)

Jens Georg reports : I have just released Shotwell 0.24.5 and 0.25.4 which turn on HTTPS encryption all over the publishing plugins. Users using Tumblr and Yandex.Fotki publishing are strongly advised to change their passwords and reauthenticate Shotwell to those services after upgrade. Users of...

5.5AI score

Exploits0References2

FreeBSD•added 2017/01/31 12:0 a.m.•14 views

shotwell -- failure to encrypt authentication

Jens Georg reports: I have just released Shotwell 0.24.5 and 0.25.4 which turn on HTTPS encryption all over the publishing plugins. Users using Tumblr and Yandex.Fotki publishing are strongly advised to change their passwords and reauthenticate Shotwell to those services after upgrade. Users of...

1.1AI score

Exploits0References1

hackapp•added 2016/04/01 9:25 a.m.•13 views

Tool for Google Photo, Picasa - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Tool for Google Photo, Picasa published at the 'play' market has multiple vulnerabilities...

0.5AI score

Exploits0References1Affected Software1

OpenVAS•added 2015/11/26 12:0 a.m.•17 views

Google Picasa 'CAMF' Section Buffer Overflow Vulnerability - Windows

Google Picasa is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:picasa";...

10CVSS7.1AI score0.24929EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by