Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2023/03/30 7:15 p.m.17 views

CVE-2023-28647

Nextcloud iOS is an ios application used to interface with the nextcloud home cloud ecosystem. In versions prior to 4.7.0 when an attacker has physical access to an unlocked device, they may enable the integration into the iOS Files app and bypass the Nextcloud pin/password protection and gain...

6.8CVSS4.8AI score0.00071EPSS
Exploits0References2
OSV
OSVadded 2022/12/01 12:0 a.m.31 views

ASB-A-179725730

In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user's password on a secondary display due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...

5.5CVSS5.4AI score0.00037EPSS
Exploits0References3
Lenovo
Lenovoadded 2017/06/23 12:0 a.m.20 views

Local Root Exploit on Lenovo VIBE Mobile Phones - Lenovo Support US

No description provided...

6.7AI score
Exploits0
UbuntuCve
UbuntuCveadded 2016/10/10 10:59 a.m.21 views

CVE-2016-3908

The Lock Settings Service in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows attackers to remove a device's PIN or password, and consequently gain privileges, via a crafted application, aka internal bug 30003944...

5.5CVSS6.5AI score0.0009EPSS
Exploits0References3
Prion
Prionadded 2007/10/15 10:17 p.m.13 views

Code injection

Microsoft ActiveSync 4.1, as used in Windows Mobile 5.0, uses weak encryption XOR obfuscation with a fixed key when sending the user's PIN/Password over the USB connection from the host to the device, which might make it easier for attackers to decode a PIN/Password obtained by 1 sniffing or 2...

7.1CVSS6.9AI score0.01046EPSS
Exploits1References5Affected Software1
NVD
NVDadded 2007/10/15 10:17 p.m.14 views

CVE-2007-5460

Microsoft ActiveSync 4.1, as used in Windows Mobile 5.0, uses weak encryption XOR obfuscation with a fixed key when sending the user's PIN/Password over the USB connection from the host to the device, which might make it easier for attackers to decode a PIN/Password obtained by 1 sniffing or 2...

7.1CVSS4.7AI score0.01046EPSS
Exploits1References5
Cvelist
Cvelistadded 2007/10/15 10:0 p.m.25 views

CVE-2007-5460

Microsoft ActiveSync 4.1, as used in Windows Mobile 5.0, uses weak encryption XOR obfuscation with a fixed key when sending the user's PIN/Password over the USB connection from the host to the device, which might make it easier for attackers to decode a PIN/Password obtained by 1 sniffing or 2...

4.6AI score0.01046EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2007/10/15 12:0 a.m.2 views

PT-2007-6496 · Microsoft · Activesync

Name of the Vulnerable Software and Affected Versions: Microsoft ActiveSync version 4.1 Description: The issue concerns the use of weak encryption, specifically XOR obfuscation with a fixed key, when sending the user's PIN/Password over the USB connection from the host to the device. This might...

7.1CVSS4.4AI score0.01046EPSS
Exploits1References7
Rows per page
Query Builder