128 matches found
ALPINE-CVE-2020-13249
libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...
Microsoft security advisory: Vulnerability in IPsec could allow security feature bypass
Microsoft security advisory: Vulnerability in IPsec could allow security feature bypass INTRODUCTION Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, g...
CVE-2019-15102
An issue was discovered in Tyto Sahi Pro 6.x through 8.0.0. TestRunnerNondistributed and distributed end points does not have any authentication mechanism. This allow an attacker to execute an arbitrary script on the remote Sahi Pro server. There is also a password-protected web interface intende...
CVE-2018-17791
Newgen OmniFlow Intelligent Business Process Suite iBPS 7.0 has an "improper server side validation" vulnerability where client-side validations are tampered, and inappropriate information is stored on the server side and fetched from the server every time the user visits the D, creating business...
CVE-2018-20852
http.cookiejar.DefaultPolicy.domainreturnok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostnam...
Design/Logic Flaw
http.cookiejar.DefaultPolicy.domainreturnok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostnam...
Jupyter notebook -- open redirect vulnerability
Jupyter blog: Login pages tend to take a parameter for redirecting back to a page after successful login, e.g. /login?next=/notebooks/mynotebook.ipynb, so that you aren't disrupted too much if you try to visit a page, but have to authenticate first. An Open Redirect Vulnerability is when a...
WSD-T13 Cloud Storage Camera (Android client) suffers from an override access vulnerability (CNVD-2019-06647)
Ltd. is an enterprise specializing in the research and development, production, sales and service of security monitoring products. WSD-T13 Cloud Storage Camera Android client suffers from an overstepping access vulnerability. The vulnerability is due to the server on the client request data...
CVE-2019-7283
An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server or Man-in-The-Middle attacker can overwrite...
CVE-2018-8489
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1,...
Improper access control
UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty...
Perspective ICM Investigation And Case 5.1.1.16 Privilege Escalation
Exploit Title: Privilege Escalation - Perspective ICM Investigation & Case - 5.1.1.16 Date Reported to vendor: Jun 28, 2017 Date Accepted by vendor: Jun 11, 2017 Exploit Author: [email protected] Vendor Homepage: www.resolver.com Version: Perspective ICM Investigation & Case -...
Remote code execution
The Lenovo Service Framework Android application accepts some responses from the server without proper validation. This exposes the application to man-in-the-middle attacks leading to possible remote code execution...
Interval International app for iOS authentication vulnerability
Interval International app for iOS is a travel management software from Interval USA. An authentication vulnerability exists in versions 3.3 through 3.5.1 of the Interval International app for iOS, which stems from the program failing to validate an X.509 certificate on the server side of an SSL...
State Bank of India State Bank Anywhere app for iOS Man-in-the-Middle Attack Vulnerability
State Bank of India State Bank Anywhere app for iOS is a mobile app for iOS from State Bank of India with features like quick access to manage bank accounts, manage balances, pay bills and send money. A security vulnerability exists in version 5.1.0 of the State Bank of India State Bank Anywhere...
Cross-Site Scripting (XSS)
Client-side scripts are used extensively by modern web applications. They perform from simple functions such as the formatting of text up to full manipulation of client-side data and Operating System interaction. Cross Site Scripting XSS allows clients to inject scripts into a request and have th...
Midea's i+ smart refrigerator has design logic flaws
The Midea i+ Smart Refrigerator is a smart home appliance developed by Midea Group. Midea's i+ Smart Refrigerator is susceptible to man-in-the-middle attacks due to the insecure protocol for transmitting data and the lack of validation of what is transmitted on the client and server side. The lac...
FoxyCart Bug Bounty #1 - Filter Bypass & Persistent Vulnerability
Document Title: =============== FoxyCart Bug Bounty 1 - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1451 098bdc9b309783df65044c5abb690dafdd4bcd436c380ae68c924fe37e14b4e0 Release Date: ============= 2015-07-15...
Code injection
Intel McAfee ePolicy Orchestrator ePO 4.x through 4.6.9 and 5.x through 5.1.2 does not validate server names and Certification Authority names in X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certifica...
BlinkSale Bug Bounty #1 - Encode & Validation Vulnerability
Document Title: =============== BlinkSale Bug Bounty 1 - Encode & Validation Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1416 Release Date: ============= 2015-02-06 Vulnerability Laboratory ID VL-ID: ====================================...