Lucene search
K

335 matches found

Positive Technologies
Positive Technologies
added 2024/09/03 12:0 a.m.4 views

PT-2024-31691 · Unknown · Symphony Xts Web Trading

Name of the Vulnerable Software and Affected Versions: Symphony XTS Web Trading version 2.0.0.1 P160 Description: This issue exists due to improper access controls on APIs in the Preference module of the application. An authenticated remote attacker could exploit this by manipulating parameters...

9.1CVSS6.8AI score0.00363EPSS
Exploits0References7
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.557 views

SMB Group Policy Preference Saved Passwords Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB Group Policy Preference Saved Passwords Enumeration', 'Description' = %Q This module enumerates files from target domain controllers and...

9CVSS7AI score0.65117EPSS
Exploits3
OSV
OSV
added 2024/09/01 12:0 a.m.21 views

ASB-A-341886134

In addPreferencesForType of AccountTypePreferenceLoader.java, there is a possible way to disable apps for other users due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.00079EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/08 12:0 a.m.6 views

PT-2024-13883 · Realtek · Realtek Rtl819X Jungle Sdk

Name of the Vulnerable Software and Affected Versions: Realtek rtl819x Jungle SDK version 3.4.11 Description: Two stack-based buffer overflow vulnerabilities exist in the boa set RadvdInterfaceParam functionality. A specially crafted series of network requests can lead to remote code execution. A...

7.2CVSS8.3AI score0.01413EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/06/10 7:39 p.m.13 views

Mozilla: IndexedDB files retained in private browsing mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox...

4.3CVSS7.2AI score0.00488EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2024/05/29 10:0 a.m.6 views

SUSE CVE-2023-52804

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for dbmaxag and dbagpref Both dbmaxag and dbagpref are used as the index of the dbagfree array, but there is currently no validity check for dbmaxag and dbagpref, which can lead to errors. The following...

5.3CVSS6.5AI score0.00255EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2024/05/23 12:9 p.m.5 views

Mozilla: IndexedDB files retained in private browsing mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox...

4.3CVSS7.2AI score0.00488EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/05/20 6:1 a.m.9 views

Mozilla: IndexedDB files retained in private browsing mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox...

4.3CVSS7.2AI score0.00488EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/05/20 2:11 a.m.4 views

Mozilla: IndexedDB files retained in private browsing mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox...

4.3CVSS7.2AI score0.00488EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/05/20 2:10 a.m.5 views

Mozilla: IndexedDB files retained in private browsing mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox...

4.3CVSS7.2AI score0.00488EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/05/16 6:18 p.m.2 views

Mozilla: IndexedDB files retained in private browsing mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox...

4.3CVSS7.2AI score0.00488EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/05/16 5:34 p.m.3 views

Mozilla: IndexedDB files retained in private browsing mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox...

4.3CVSS7.2AI score0.00488EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/05/16 5:20 p.m.6 views

Mozilla: IndexedDB files retained in private browsing mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox...

4.3CVSS7.2AI score0.00488EPSS
Exploits1References6
OSV
OSV
added 2024/05/14 6:15 p.m.13 views

CVE-2024-4767

If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11...

4.3CVSS6.2AI score
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/05/14 5:21 p.m.18 views

CVE-2024-4767

If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11...

6.1AI score0.00488EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2024/05/14 5:21 p.m.25 views

CVE-2024-4767

If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11...

4.3CVSS7.4AI score0.00488EPSS
Exploits1
PyPA
PyPA
added 2024/05/06 12:15 a.m.6 views

PYSEC-2024-175

WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation...

7.7CVSS6.9AI score0.00181EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/04/05 9:15 a.m.21 views

CVE-2024-28949

Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3.x before 9.3.3, 8.1.x before 8.1.11 don't limit the number of user preferences which allows an attacker to send a large number of user preferences potentially causing denial of service...

6.5CVSS4.7AI score0.00562EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2024/03/30 9:12 a.m.13 views

preference-jeu.com Cross Site Scripting vulnerability OBB-3890902

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OSV
OSV
added 2024/03/06 11:2 a.m.14 views

BIT-MEDIAWIKI-2023-29137

An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3. The UserImpactHandler for GrowthExperiments inadvertently returns the timezone preference for arbitrary users, which can be used to de-anonymize users...

4.3CVSS4.6AI score0.00436EPSS
Exploits0References2
Rows per page
Query Builder