Lucene search
K

293 matches found

Prion
Prion
added 2023/12/07 11:15 p.m.31 views

Input validation

Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentially allows denial-of-service attacks or arbitrary code execution...

4.3CVSS7.9AI score0.00271EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/12/07 10:29 p.m.76 views

CVE-2023-5058

Phoenix SecureCore Technology 4 is affected by an improper input validation issue in the processing of user-supplied splash screens during system boot, which could allow denial-of-service or arbitrary code execution. Affected product: Phoenix SecureCore Technology 4 firmware. Root cause: improper...

7.8CVSS7.9AI score0.00271EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/28 12:0 a.m.17 views

PT-2023-7436 · Phoenix · Phoenix Securecore Technology

Name of the Vulnerable Software and Affected Versions: Phoenix SecureCore Technology version 4 Description: The issue is related to improper input validation in the processing of user-supplied splash screens during system boot. This could potentially allow an attacker to cause a denial-of-service...

7.8CVSS7.7AI score0.00271EPSS
Exploits0References17
NVD
NVD
added 2023/11/17 6:15 a.m.26 views

CVE-2023-38324

An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence and directly authenticate when it is using the default FAS key and OpenNDS is configured as FAS. Affected OpenNDS Captive Portal before version 10.1.2 fixed in OpenWrt master, OpenWrt 23.05 and...

5.3CVSS0.00685EPSS
Exploits0References7
OSV
OSV
added 2023/11/17 6:15 a.m.4 views

DEBIAN-CVE-2023-38324

An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence and directly authenticate when it is using the default FAS key and OpenNDS is configured as FAS. Affected OpenNDS Captive Portal before version 10.1.2 fixed in OpenWrt master, OpenWrt 23.05 and...

5.3CVSS5.7AI score0.00685EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/11/17 6:15 a.m.3 views

CVE-2023-38324

An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence and directly authenticate when it is using the default FAS key and OpenNDS is configured as FAS. Affected OpenNDS Captive Portal before version 10.1.2 fixed in OpenWrt master, OpenWrt 23.05 and...

5.3CVSS6AI score0.00685EPSS
Exploits0References8
Prion
Prion
added 2023/11/17 6:15 a.m.16 views

Input validation

An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence and directly authenticate when it is using the default FAS key and OpenNDS is configured as FAS...

5CVSS7AI score0.00685EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2023/11/17 6:15 a.m.30 views

CVE-2023-38324

An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence and directly authenticate when it is using the default FAS key and OpenNDS is configured as FAS. Affected OpenNDS Captive Portal before version 10.1.2 fixed in OpenWrt master, OpenWrt 23.05 and...

5.3CVSS6.1AI score0.00685EPSS
Exploits0References3
OSV
OSV
added 2023/11/17 6:15 a.m.3 views

UBUNTU-CVE-2023-38324

An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence and directly authenticate when it is using the default FAS key and OpenNDS is configured as FAS. Affected OpenNDS Captive Portal before version 10.1.2 fixed in OpenWrt master, OpenWrt 23.05 and...

5.3CVSS5.8AI score0.00685EPSS
Exploits0References4
OSV
OSV
added 2023/09/11 8:15 a.m.5 views

CVE-2023-42471

The wave.ai.browser application through 1.0.35 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the wave.ai.browser.ui.splash.SplashScreen activity. This activity uses a WebView component to display web conte...

9.8CVSS6.1AI score0.01419EPSS
Exploits1References3
Citrix
Citrix
added 2023/09/01 12:0 a.m.8 views

How to add QR Code to the NetScaler Gateway Login page .

How to add QR file to the NetScaler Splash Screen...

7.1AI score
Exploits0
OSV
OSV
added 2023/06/26 4:15 p.m.3 views

CVE-2023-29459

The laola.redbull application through 5.1.9-R for Android exposes the exported activity at.redbullsalzburg.android.AppMode.Default.Splash.SplashActivity, which accepts a data: URI. The target of this URI is subsequently loaded into the application's webview, thus allowing the loading of arbitrary...

6.1CVSS5.9AI score0.00649EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2023/06/26 12:0 a.m.11 views

PT-2023-22267 · Red Bull · Laola.Redbull

Name of the Vulnerable Software and Affected Versions: laola.redbull application through 5.1.9-R for Android Description: The laola.redbull application exposes the exported activity at.redbullsalzburg.android.AppMode.Default.Splash.SplashActivity, which accepts a data: URI. The target of this URI...

6.1CVSS7AI score0.00649EPSS
Exploits2References5
Fedora
Fedora
added 2023/02/25 3:48 a.m.15 views

[SECURITY] Fedora 37 Update: plymouth-kcm-5.27.1-1.fc37

This is a System Settings configuration module for configuring the plymouth splash screen...

1.9AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 6:16 a.m.3 views

SUSE CVE-2006-0301

Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as 1 poppler, 2 kdegraphics, 3 gpdf, 4 pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed...

7.5CVSS8.1AI score0.04403EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:6 a.m.4 views

SUSE CVE-2008-5358

Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier might allow remote attackers to execute arbitrary code via a crafted GIF file that triggers memory corruption during display of the splash screen, possibly related to splashscreen.dll...

9.3CVSS8.1AI score0.07429EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 6:2 a.m.4 views

SUSE CVE-2009-3604

The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted P...

9.3CVSS8.2AI score0.08703EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 6:2 a.m.1 views

SUSE CVE-2009-3605

Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PDF file, related to 1 glib/poppler-page.cc; 2 ArthurOutputDev.cc, 3 CairoOutputDev.cc, 4 GfxState.cc, 5 JBIG2Stream.cc, ...

6.8CVSS7.9AI score0.04409EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.2 views

SUSE CVE-2013-1789

splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service NULL pointer dereference and crash via vectors related to the 1 Splash::arbitraryTransformMask, 2 Splash::blitMask, and 3 Splash::scaleMaskYuXu functions...

4.3CVSS6.7AI score0.02382EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:3 a.m.4 views

SUSE CVE-2016-4323

A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server or someone with access to the network traffic can provide an invalid filename for a splash image...

5.8CVSS6.9AI score0.02305EPSS
Exploits2References4
Rows per page
Query Builder