Lucene search
K

2680 matches found

Hacker One
Hacker One
added 2019/06/06 4:42 p.m.55 views

Mail.ru: SSRF On [ allods.mail.ru ]

SSRF in allods.mail.ru. allods.mail.ru belongs to Ext.B scope...

1.6AI score
Exploits0
OSV
OSV
added 2019/06/06 3:29 p.m.3 views

CVE-2019-5295

Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.125C00E125R2P14T8 have an authorization bypass vulnerability. Due to improper authorization implementation logic, attackers can bypass certain authorization scopes of smart phones by performing specific operations. This...

6.4CVSS5.8AI score0.00223EPSS
Exploits0References1
Hacker One
Hacker One
added 2019/05/14 7:48 a.m.57 views

Django: Jenkins Unauthenticated RCE on https://djangoci.com/

This report discloses an RCE issue on djangoci.com as outlined in https://www.djangoproject.com/weblog/2019/may/15/rce-djangoci/ While technically a valid issue, it is out of scope for bounty, please see https://hackerone.com/django for details on which issues qualify for bounties...

10CVSS0.5AI score0.98326EPSS
Exploits5
Kitploit
Kitploit
added 2019/05/08 12:56 p.m.285 views

Cynet Free IR Tool Offering Empowers Responders to Know and Act Against Active Attacks

The saying that there are two types of organizations, those that have gotten breached and those who have but just don’t know it yet, has never been more relevant, making sound incident response a required capability in any organization’s security stack. To assist in this critical mission, Cynet i...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2019/05/04 3:23 a.m.15 views

HackerOne: View HackerOne challenge scope before challenge begins

Summary: Hi team, I have come across an issue where I am able to view a HackerOne challenge scope before the challenge begins. The issue here being that I can get an understanding of what the in-scope assets are before a challenge starts, allowing myself to start researching and finding bugs to...

0.3AI score
Exploits0
FreeBSD
FreeBSD
added 2019/04/30 12:0 a.m.32 views

Gitlab -- Information Disclosure

Gitlab reports: Information Disclosure with Limited Scope Token...

7.5CVSS0.8AI score0.01163EPSS
Exploits0References1
Veracode
Veracode
added 2019/04/25 6:54 a.m.10 views

Arbitrary File Read

koa-body is vulnerable to arbitrary file read. The vulnerability exists as it is possible to copy a file that exists outside of the web server's scope, into the /public directory which can be publicly read...

6.8AI score
Exploits0
NVD
NVD
added 2019/04/22 4:29 p.m.28 views

CVE-2015-1343

All versions of unity-scope-gdrive logs search terms to syslog...

5.3CVSS4.6AI score0.00767EPSS
Exploits0References1
NVD
NVD
added 2019/04/22 4:29 p.m.20 views

CVE-2016-1573

Versions of Unity8 before 8.11+16.04.20160122-0ubuntu1 file plugins/Dash/CardCreator.js will execute any code found in place of a fallback image supplied by a scope...

7.8CVSS6.4AI score0.00425EPSS
Exploits0References1
OSV
OSV
added 2019/04/22 4:29 p.m.4 views

UBUNTU-CVE-2015-1343

All versions of unity-scope-gdrive logs search terms to syslog...

5.3CVSS5.9AI score0.00767EPSS
Exploits0References2
Prion
Prion
added 2019/04/22 4:29 p.m.18 views

Code injection

All versions of unity-scope-gdrive logs search terms to syslog...

5CVSS7AI score0.00767EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2019/04/22 4:29 p.m.42 views

CVE-2015-1343

All versions of unity-scope-gdrive logs search terms to syslog...

5.3CVSS6AI score0.00767EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/04/22 3:35 p.m.27 views

CVE-2015-1343 unity-scope-gdrive search feature logs search terms to syslog

All versions of unity-scope-gdrive logs search terms to syslog...

2CVSS5.3AI score0.00767EPSS
Exploits0References1
CVE
CVE
added 2019/04/22 3:35 p.m.58 views

CVE-2015-1343

CVE-2015-1343 affects unity-scope-gdrive; all versions log search terms to syslog. The connected documents consistently describe a logging behavior that may expose user search data via syslog, implying potential information disclosure. The provided sources do not include root-cause details, affec...

5.3CVSS4.6AI score0.00767EPSS
Exploits0References1Affected Software1
Lenovo
Lenovo
added 2019/04/17 2:13 p.m.35 views

Intel Server Board Firmware Vulnerability - US

Lenovo Security Advisory: LEN-24799 Potential Impact: Privilege escalation, information disclosure, denial of service Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2018-12173 Summary Description: Intel has notified Lenovo of a potential security vulnerability in Intel® Server...

7.2CVSS3.6AI score0.00407EPSS
Exploits0
Lenovo
Lenovo
added 2019/04/17 1:54 p.m.32 views

Intel Matrix Storage Manager Discontinuation - US

Lenovo Security Advisory: LEN-26976 Potential Impact: Privilege escalation Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2019-0121 Summary Description: Intel has notified Lenovo of a potential security vulnerability in Intel® Matrix Storage Manager may allow escalation of...

4.6CVSS3.2AI score0.00358EPSS
Exploits0
Hacker One
Hacker One
added 2019/04/08 1:12 p.m.33 views

VK.com: Information Disclosure (phpinfo())

Out-of-scope...

6.9AI score
Exploits0
Hacker One
Hacker One
added 2019/04/04 6:38 p.m.20 views

Mail.ru: XSS

XSS via GET parameters in touch.cooking.lady.mail.ru touch.cooking.lady.mail.ru belongs to extended scope...

3.9AI score
Exploits0
MSRC
MSRC
added 2019/04/02 10:32 p.m.86 views

Microsoft Bounty Program Updates: Faster bounty review, faster payments, and higher rewards

In 2018 The Microsoft Bounty Program awarded over $2,000,000 to encourage and reward external security research in key technologies to protect our customers. Building on that success, we are excited to announce a number of improvements in our bounty programs to better serve the security research...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2019/03/28 4:28 a.m.20 views

Mail.ru: CSRF on /subscription_manage.php endpoint at allods.mail.ru

CSRF in https://allods.mail.ru allows to manage user's subscriptions. allods.mail.ru belongs to extended scope...

0.6AI score
Exploits0
Rows per page
Query Builder