Lucene search
K

35 matches found

RedHat Linux
RedHat Linux
added last week3 views

gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin

A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

6.6CVSS5.7AI score0.0015EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added last week6 views

gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin

A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

6.6CVSS5.7AI score0.0015EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/29 2:54 a.m.6 views

gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin

A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

6.6CVSS5.7AI score0.0015EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/25 6:37 p.m.6 views

gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin

A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

6.6CVSS5.7AI score0.0015EPSS
Exploits0References6
NVD
NVD
added 2026/06/16 2:16 a.m.13 views

CVE-2026-42014

A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

6.6CVSS0.0015EPSS
Exploits0References15
ATTACKERKB
ATTACKERKB
added 2026/06/16 12:49 a.m.2 views

CVE-2026-42014

A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

6.6CVSS5.8AI score0.0015EPSS
Exploits0References16
Cvelist
Cvelist
added 2026/06/16 12:49 a.m.40 views

CVE-2026-42014 Gnutls: gnutls: use-after-free in gnutls_pkcs11_token_set_pin

A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

6.6CVSS0.0015EPSS
Exploits0References15
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-2232

Malware in sbrugna...

4.9CVSS7.3AI score0.00393EPSS
Exploits1References17
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-31593

Malicious code in bioql PyPI...

6CVSS6.6AI score0.00159EPSS
Exploits0References5
NVD
NVD
added 2025/09/29 6:15 p.m.5 views

CVE-2025-57197

In the Payeer Android application 2.5.0, an improper access control vulnerability exists in the authentication flow for the PIN change feature. A local attacker with root access to the device can dynamically instrument the app to bypass the current PIN verification check and directly modify the...

6CVSS0.00159EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/29 12:0 a.m.4 views

PT-2025-39852

Name of the Vulnerable Software and Affected Versions Payeer Android application version 2.5.0 Description An improper access control issue exists in the authentication process for changing the PIN in the Payeer Android application. A local attacker with root access to the device can bypass the P...

6CVSS6.3AI score0.00159EPSS
Exploits0References7
CVE
CVE
added 2025/09/29 12:0 a.m.13 views

CVE-2025-57197

The CVE-2025-57197 entry applies to the Payeer Android application version 2.5.0, where an improper access control in the PIN-change authentication flow allows a local attacker with root access to bypass the current PIN verification and directly modify the authentication PIN. This means an attack...

6CVSS6.3AI score0.00159EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/09/29 12:0 a.m.3 views

CVE-2025-57197

In the Payeer Android application 2.5.0, an improper access control vulnerability exists in the authentication flow for the PIN change feature. A local attacker with root access to the device can dynamically instrument the app to bypass the current PIN verification check and directly modify the...

6.3AI score0.00159EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 4:47 a.m.8 views

CVE-2011-1104

Multiple cross-site request forgery CSRF vulnerabilities in Mutare EVM allow remote attackers to hijack the authentication of arbitrary users for requests that 1 change a PIN, 2 delete messages, 3 add a delivery address, or 4 change a delivery address...

6.8CVSS7.8AI score0.0068EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/08/14 12:0 a.m.5 views

PT-2023-18021 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue is related to a permissions bypass in the LockSettingsActivity.java file, allowing a new lockscreen PIN to be set without entering the existing PIN. This could lead to local...

7.8CVSS7.6AI score0.00088EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:8 a.m.3 views

SUSE CVE-2008-2235

OpenSC before 0.11.5 uses weak permissions ADMIN file control information of 00 for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4, which allows physically proximate attackers to change the PIN...

4.9CVSS6.7AI score0.00393EPSS
Exploits1References5
OSV
OSV
added 2022/01/03 10:15 p.m.5 views

CVE-2021-37116

PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of the subscriber is changed...

9.1CVSS7.3AI score0.00741EPSS
Exploits0References1
NVD
NVD
added 2022/01/03 10:15 p.m.23 views

CVE-2021-37116

PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of the subscriber is changed...

9.1CVSS0.00741EPSS
Exploits0References1
Prion
Prion
added 2022/01/03 10:15 p.m.18 views

Design/Logic Flaw

PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of the subscriber is changed...

6.4CVSS9.1AI score0.00741EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/01/03 9:7 p.m.34 views

CVE-2021-37116

PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of the subscriber is changed...

9.4AI score0.00741EPSS
Exploits0References1
Rows per page
Query Builder