Lucene search
K

21 matches found

NVD
NVD
added 2025/05/28 5:15 p.m.30 views

CVE-2025-48931

The TeleMessage service through 2025-05-05 relies on MD5 for password hashing, which opens up various attack possibilities including rainbow tables with low computational effort...

5.5CVSS0.00081EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/28 12:0 a.m.5 views

CVE-2025-48931

The TeleMessage service through 2025-05-05 relies on MD5 for password hashing, which opens up various attack possibilities including rainbow tables with low computational effort...

3.2CVSS4.3AI score0.00081EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2023/08/24 6:0 p.m.18 views

Malwarebytes acquires Cyrus Security

Today, I am absolutely thrilled to share some exciting news: Malwarebytes is officially welcoming Cyrus Security into our family. This acquisition signifies an exciting chapter in our journey, and I wanted to share why this development is so special, and what it means for the millions who trust...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.302 views

WordPress User Registration 3.0.2 Arbitrary File Upload

Description: User Registration = 3.0.2 – Authenticated Subscriber+ Arbitrary File Upload Affected Plugin: User Registration – Custom Registration Form, Login Form And User Profile For WordPress Plugin Slug: user-registration Affected Versions: = 3.0.2 CVE ID: CVE-2023-3342 CVSS Score: 9.9 Critica...

7.1AI score0.01454EPSS
Exploits2
Schneier on Security
Schneier on Security
added 2023/06/05 11:14 a.m.10 views

The Software-Defined Car

Developers are starting to talk about the software-defined car. For decades, features have accumulated like cruft in new vehicles: a box here to control the antilock brakes, a module there to run the cruise control radar, and so on. Now engineers and designers are rationalizing the way they go...

7.3AI score
Exploits0
Code423n4
Code423n4
added 2021/10/13 12:0 a.m.12 views

Number of prizes math is wrong

Handle cmichel Vulnerability details The math described in Splitting the prizes and implemented in DrawCalculator.numberOfPrizesForIndex seems to be wrong. Assuming a bit range of 4 16 possibilities per position and cardinality of 8. Note that degree is determined by the first position where it...

6.7AI score
Exploits0
OSV
OSV
added 2020/09/03 3:15 p.m.5 views

CVE-2020-25105

eramba c2.8.1 and Enterprise before e2.19.3 has a weak password recovery token createHash has only a million possibilities...

9.8CVSS5.8AI score0.01075EPSS
Exploits0References2
OSV
OSV
added 2020/08/11 2:15 p.m.5 views

CVE-2020-10780

Red Hat CloudForms 4.7 and 5 is affected by CSV Injection flaw, a crafted payload stays dormant till a victim export as CSV and opens the file with Excel. Once the victim opens the file, the formula executes, triggering any number of possible events. While this is strictly not an flaw that affect...

6.3CVSS5.8AI score0.00701EPSS
Exploits0References2
NVD
NVD
added 2020/08/11 2:15 p.m.30 views

CVE-2020-10780

Red Hat CloudForms 4.7 and 5 is affected by CSV Injection flaw, a crafted payload stays dormant till a victim export as CSV and opens the file with Excel. Once the victim opens the file, the formula executes, triggering any number of possible events. While this is strictly not an flaw that affect...

6.3CVSS7AI score0.00701EPSS
Exploits0References2
Prion
Prion
added 2020/08/11 2:15 p.m.22 views

Input validation

Red Hat CloudForms 4.7 and 5 is affected by CSV Injection flaw, a crafted payload stays dormant till a victim export as CSV and opens the file with Excel. Once the victim opens the file, the formula executes, triggering any number of possible events. While this is strictly not an flaw that affect...

4.9CVSS6.7AI score0.00701EPSS
Exploits0References2Affected Software1
n0where
n0where
added 2016/12/23 8:21 p.m.15 views

Exploits and Security Tools Framework: EaST Framework

Exploits and Security Tools Framework Pentest framework environment is the basis of IT security specialist’s toolkit. This software is essential as for learning and improving of knowledge in IT systems attacks and for inspections and proactive protection. The need of native comprehensive open...

7.4AI score
Exploits0References2
securityvulns
securityvulns
added 2015/09/15 12:0 a.m.36 views

Microsoft Lync Server / Skype for Business crossite scripting

Multiple crossite scripting possibilities...

4.3CVSS1.5AI score0.10889EPSS
Exploits0Affected Software2
securityvulns
securityvulns
added 2015/09/14 12:0 a.m.26 views

Synology Download Station crossite scripting

Few crossite scripging possibilities...

2AI score
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2015/04/12 12:0 a.m.2 views

PT-2017-6668 · Nts +3 · Ntp +3

Name of the Vulnerable Software and Affected Versions: ntp versions 4.2.8px through 4.2.8p2-RC2 ntp versions 4.3.x through 4.3.12 Description: The issue is related to the generation of MD5 keys with insufficient entropy on big endian machines under specific conditions. This might allow remote...

9.8CVSS6.4AI score0.81762EPSS
Exploits7References88
securityvulns
securityvulns
added 2012/07/23 12:0 a.m.25 views

HP AssetManager crossite scripting

Multiple crossite scripting possibilities...

4.3CVSS1AI score0.0163EPSS
Exploits0References1Affected Software1
0day.today
0day.today
added 2010/03/19 12:0 a.m.21 views

eDisplay Personal FTP server 1.0.0 Multiple Post-Authentication Crash

Exploit for windows platform in category dos / poc =========================================================================== eDisplay Personal FTP server 1.0.0 Multiple Post-Authentication Crash PoC =========================================================================== Title: eDisplay...

7AI score
Exploits0
securityvulns
securityvulns
added 2008/03/17 12:0 a.m.23 views

RSA WebID crossite scripting

Multipel crossite scripting possibilities...

2.2AI score0.00318EPSS
Exploits0References1Affected Software1
xssed
xssed
added 2007/10/13 12:0 a.m.7 views

Unfixed XSS vulnerability at www.endlesspossibilities.us

Security researcher BackDoor, has submitted on 13/10/2007 a cross-site-scripting XSS vulnerability affecting www.endlesspossibilities.us, which at the time of submission ranked 1603020 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 01/11/2007...

Exploits0References1
Packet Storm
Packet Storm
added 2007/05/24 12:0 a.m.33 views

waraxe-2007-SA051.txt

waraxe-2007-SA051 - Sql Injection in 2z Project 0.9.5 ==================================================================== Author: Janek Vind "waraxe" Date: 23. May 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-51.html Target software description: Vulnerable: 2z Project 0.9.5...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2004/02/25 12:0 a.m.31 views

Multiple Windows ASN.1 bugs

Heap corruptions, heap buffer overflows open possibilities for attack via different protocols and applications...

3.3AI score
Exploits0References4Affected Software1
Rows per page
Query Builder