Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.14 views

PT-2026-43576

Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors...

7.8CVSS6.2AI score0.00139EPSS
Exploits0References2
PyPA
PyPA
added 2025/04/24 1:15 a.m.10 views

PYSEC-2025-34

The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.getservercertificate can exfiltrate data via DNS after deserialization...

6.8CVSS7AI score0.00189EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/27 12:0 a.m.8 views

The vulnerability of the openssl_private_decrypt() function in the PKCS1 Padding Handler component of the PHP programming language interpreter allows a attacker to execute a Marvin attack.

The vulnerability of the opensslprivatedecrypt function in the PKCS1 Padding Handler component of the PHP programming language interpreter is related to the use of an OpenSSL version that does not include the changes required by the RSAPKCS1IMPLICITREJECTION request. Exploiting this vulnerability...

5.9CVSS6.5AI score0.01158EPSS
Exploits1References9Affected Software5
OSV
OSV
added 2022/06/27 9:15 p.m.4 views

DEBIAN-CVE-2022-31085

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the session files include the LDAP user name and password in clear text if the PHP OpenSSL extension is not installed or encryption is disabled by...

6.1CVSS6.1AI score0.00257EPSS
Exploits0References1
CNVD
CNVD
added 2018/06/14 12:0 a.m.4 views

Momentum Axel 720P DNS Hijacking Vulnerability

The Momentum Axel 720P is a dual-band HD camera that supports WiFi connectivity. A security vulnerability exists in the Momentum Axel 720P version 5.1.8, which stems from the program's lack of SSL authentication. A remote attacker can exploit the vulnerability by hijacking DNS to upgrade the...

4.4CVSS5AI score0.0035EPSS
Exploits1References1
CNVD
CNVD
added 2017/07/20 12:0 a.m.3 views

Google News and Weather application for Android security bypass vulnerability

Google News and Weather application for Android is a mobile application for the Android operating system based on the American company Google Google. The program supports pushing news and weather forecasts, etc. A security vulnerability exists in the Google News and Weather application for Androi...

7.5CVSS7.5AI score0.01097EPSS
Exploits1References1
Rows per page
Query Builder