
9 matches found

Vulnrichment
added 2022/05/20 4:0 p.m., 3 views

CVE-2022-29163 Bypass of password requirements when sharing a folder via the Circles app in Nextcloud Server

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 22.2.6 and 23.0.3, a user can create a link that is not password protected even if the administrator requires links to be password protected. Versions 22.2.6 and 23.0.3 contain a pat...

CVSS 3.5, AI score 4.6, EPSS 0.01015
Exploits: 0, References: 4

Prion
added 2022/02/15 11:15 p.m., 13 views

Cross site request forgery (csrf)

A Cross-Site Request Forgery (CSRF) in RequirementsBypassPage.php of Scratch Wiki scratch-confirmaccount-v3 allows attackers to modify account request requirement bypasses...

CVSS 4.3, AI score 6.5, EPSS 0.00476
Exploits: 0, References: 2, Affected Software: 1

Tenable Nessus
added 2021/10/03 12:0 a.m., 45 views

Debian DLA-2773-1 : curl - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2773 advisory. Two issues have been found in curl, a command line tool and an easy-to-use client-side library for transferring data with URL syntax. CVE-2021-22946 Crafted answer...

CVSS 7.5, AI score 6.9, EPSS 0.04224
Exploits: 2, References: 7

RedhatCVE
added 2019/10/04 9:12 p.m., 25 views

CVE-2009-0368

OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a (1) low level APDU command or (2) debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program...

CVSS 2.1, AI score 6.8, EPSS 0.01215
Exploits: 1, References: 3

Google Chrome Security Advisories
added 2018/09/04 12:0 a.m., 68 views

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 69 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 69.0.3497.81 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...

CVSS 9.6, AI score 8.2, EPSS 0.05264
Exploits: 3, Affected Software: 1

Prion
added 2015/03/12 10:59 a.m., 13 views

Design/Logic Flaw

Springboard in Apple iOS before 8.2 allows physically proximate attackers to bypass an intended activation requirement and read the home screen by leveraging an application crash during the activation process...

CVSS 1.9, AI score 6, EPSS 0.00347
Exploits: 0, References: 3, Affected Software: 1

Prion
added 2012/01/04 3:55 a.m., 11 views

Authentication flaw

IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1, 6.2.0, and 6.2.1 do not properly handle signature validations based on SAML 1.0, 1.1, and 2.0, which allows remote attackers to bypass intended authentication or authorization...

CVSS 4.3, AI score 7.3, EPSS 0.01249
Exploits: 0, References: 5, Affected Software: 2

Debian CVE
added 2011/01/18 5:0 p.m., 49 views

CVE-2011-0010

check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command...

CVSS 4.4, AI score 5.6, EPSS 0.00496
Exploits: 0

Tenable Nessus
added 2010/01/08 12:0 a.m., 16 views

Dada Mail < 4.0.2 List Membership Requirement Bypass

Binary data 5294.prm...

AI score 7.3
Exploits: 0, References: 1