Lucene search
K

61 matches found

OSV
OSV
added 2023/10/17 1:15 p.m.3 views

CVE-2023-43777

Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. This software has a password protection functionality to secure the project file from unauthorized access. This password was being stored...

6.5CVSS5.8AI score0.00278EPSS
Exploits0References1
Code423n4
Code423n4
added 2022/07/08 12:0 a.m.8 views

Attacker can prevent other projects from using a custom token

Lines of code Vulnerability details Impact A malicious project owner or an attacker can front-run the JBTokenStore.changeFor function and "steal" the token for their own project. This token can then not be used for any other project as long as it's assigned to a project due to projectOftoken != 0...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2022/03/14 12:0 a.m.288 views

Insurance Management System 1.0 SQL Injection

Title: Insurance Management System v1.0 SQLi Author: nu11secur1ty Date: 03.12.2022 Vendor: https://itsourcecode.com/free-projects/php-project/php-projects-source-code-free-downloads/ Software:...

7.4AI score
Exploits0
CNNVD
CNNVD
added 2021/10/29 12:0 a.m.4 views

GitLab 授权问题漏洞

GitLab is a self-hosted, Git version control system project repository application developed using Ruby on Rails by GitLab, Inc. The application can be used to access a project's file content, commit history, bug list, etc. An authorization issue vulnerability exists in GitLab CE/EE, which can be...

4.3CVSS5.7AI score0.00763EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2021/10/05 1:45 p.m.16 views

CVE-2021-22264

Removed by vendor...

6.8CVSS6.6AI score0.00975EPSS
Exploits0
Drupal
Drupal
added 2021/07/28 12:0 a.m.19 views

Pages Restriction Access - Critical - Access bypass - SA-CONTRIB-2021-024

This project enables administrators to restrict access from anonymous and regular users to pre-defined pages. The administration routes used by the project lacked proper permissions, allowing untrusted users to access, create and modify the module's settings...

6.6AI score
Exploits0References7
Debian CVE
Debian CVE
added 2020/11/17 5:52 p.m.25 views

CVE-2020-13351

Removed by vendor...

6.5CVSS6.6AI score0.01345EPSS
Exploits0
Atlassian
Atlassian
added 2020/11/04 7:26 a.m.34 views

User has access to project and repository after global permission has been removed

h3. Problem User has access to project and repository after global permission has been removed. Conversely, a user in this affected state will be greeted with "permission denied" even after the global permission has been re-granted to the user. h3. Environment - Tested on 7.5 and 7.3 h3. Steps to...

7AI score
Exploits0Affected Software1
Debian CVE
Debian CVE
added 2020/09/29 4:7 p.m.18 views

CVE-2020-13320

Removed by vendor...

6.5CVSS6.6AI score0.01038EPSS
Exploits1
Prion
Prion
added 2020/07/27 6:15 p.m.12 views

Default configuration

In "I hate money" before version 4.1.5, an authenticated member of one project can modify and delete members of another project, without knowledge of this other project's private code. This can be further exploited to access all bills of another project without knowledge of this other project's...

4CVSS4.9AI score0.01029EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/07/27 6:15 p.m.21 views

PYSEC-2020-264

In "I hate money" before version 4.1.5, an authenticated member of one project can modify and delete members of another project, without knowledge of this other project's private code. This can be further exploited to access all bills of another project without knowledge of this other project's...

4.9CVSS4.1AI score0.01029EPSS
Exploits0References2
Veracode
Veracode
added 2020/04/29 9:58 a.m.11 views

Man-in-the-middle

atmosphere-project is vulnerable to man-in-the-middle attack. The attack is possible because it does not use HTTPS to download dependencies, allowing an attacker to manipulate the dependencies...

1.5AI score
Exploits0
FreeBSD Advisory
FreeBSD Advisory
added 2019/08/20 12:0 a.m.12 views

FreeBSD-SA-19:23.midi

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-19:23.midi Security Advisory The FreeBSD Project Topic: kernel memory disclosure from /dev/midistat Category: core Module: sound Announced: 2019-08-20 Credits:...

7.8CVSS7.2AI score0.00909EPSS
Exploits0
Nextcloud
Nextcloud
added 2019/07/29 12:0 a.m.31 views

Improper neutralization of item names in projects feature (NC-SA-2020-008)

Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud Deck 0.6.5 causes an XSS when linking them with each others in a project...

3.5CVSS3.7AI score0.0084EPSS
Exploits0Affected Software1
Kitploit
Kitploit
added 2019/01/28 12:45 p.m.184 views

Scanner-Cli - A Project Security/Vulnerability/Risk Scanning Tool

The Hawkeye scanner-cli is a project security, vulnerability and general risk highlighting tool. It is meant to be integrated into your pre-commit hooks and your pipelines. Running and configuring the scanner The Hawkeye scanner-cli assumes that your directory structure is such that it keeps the...

7.6AI score
Exploits0References6
Xen Project
Xen Project
added 2015/03/10 12:0 p.m.14 views

Non-standard PCI device functionality may render pass-through insecure

ISSUE DESCRIPTION Devices with capabilities or defects that are undocumented or that virtualization software is unaware of may allow guests to control parts of the host that they shouldn't be in control of. Here are some examples of the kind of problem: While XSA-120 deals with standard PCI confi...

0.5AI score
Exploits0
Hacker One
Hacker One
added 2014/04/19 4:7 a.m.15 views

Localize: Deleting groups in any project without permission

If you can make a group then why can't you delete the group :P With same method of creating the group you can delete the group But have some restrictions :/ : 1 in any project you ll not get to know the deleteGroupid 2 May be I'm only one who is making groups now so i can assume the deleteGroupid...

7AI score
Exploits0
Debian
Debian
added 2003/01/24 4:3 p.m.22 views

[SECURITY] [DSA 243-1] New kdemultimedia packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 243-1 [email protected] http://www.debian.org/security/ Martin Schulze January 24th, 2003 http://www.debian.org/security/faq -...

7.5CVSS6.8AI score0.03671EPSS
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.8 views

Security Update for Microsoft Project 2010 (KB3085614) 32-Bit Edition

A security vulnerability exists in Microsoft Project 2010 32-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

3.3AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.13 views

Security Update for Microsoft Project 2010 (KB4484387) 32-Bit Edition

A security vulnerability exists in Microsoft Project 2010 32-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

3.3AI score
Exploits0
Rows per page
Query Builder