Lucene search
K

15 matches found

Zero Day Initiative
Zero Day Initiative
added 2025/10/08 12:0 a.m.6 views

(0Day) Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Wondershare Repairit. Authentication is not required to exploit this vulnerability. The specific flaw exists within the permissions granted to a storage account token. An attacker can leverage this...

9.1CVSS9.5AI score0.02818EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-5930

Malware in sbrugna...

7.8CVSS7.6AI score0.0034EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/09/19 9:26 p.m.4 views

CVE-2025-10643

Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Wondershare Repairit. Authentication is not required to exploit this vulnerability. The specific flaw exists...

9.1CVSS7.1AI score0.02818EPSS
Exploits0References1
NVD
NVD
added 2025/09/17 9:15 p.m.5 views

CVE-2025-10643

Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Wondershare Repairit. Authentication is not required to exploit this vulnerability. The specific flaw exists...

9.1CVSS0.02818EPSS
Exploits0References1
OSV
OSV
added 2025/09/17 9:15 p.m.2 views

CVE-2025-10643

Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Wondershare Repairit. Authentication is not required to exploit this vulnerability. The specific flaw exists...

9.1CVSS5.9AI score0.02818EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/17 8:41 p.m.9 views

CVE-2025-10643 Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability

Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Wondershare Repairit. Authentication is not required to exploit this vulnerability. The specific flaw exists...

9.1CVSS0.02818EPSS
Exploits0References1
CVE
CVE
added 2025/09/17 8:41 p.m.27 views

CVE-2025-10643

Wondershare Repairit contains an authentication bypass vulnerability (CVE-2025-10643) caused by incorrect permissions for a storage account token. The flaw allows remote attackers to bypass authentication on affected installations, with CVSS3 base score 9.1 (CRITICAL) and an attack vector of NETW...

9.1CVSS6.7AI score0.02818EPSS
Exploits0References1Affected Software1
MSRC
MSRC
added 2023/09/18 7:0 a.m.38 views

Microsoft mitigated exposure of internal information in a storage account due to overly-permissive SAS token

Summary As part of a recent Coordinated Vulnerability Disclosure CVD report from Wiz.io, Microsoft investigated and remediated an incident involving a Microsoft employee who shared a URL for a blob store in a public GitHub repository while contributing to open-source AI learning models. This URL...

7.2AI score
Exploits0
Citrix
Citrix
added 2023/08/31 12:0 a.m.8 views

Citrix MCS failed when Azure storage account configured with TLS 1.2 Version.

Citrix MCS fails if the Azure storage account is configured with the TLS 1.2 version...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2021/06/25 9:30 p.m.68 views

BlobHunter - Find Exposed Data In Azure With This Public Blob Scanner

An opensource tool for scanning Azure blob storage accounts for publicly opened blobs. BlobHunter is a part of "Hunting Azure Blobs Exposes Millions of Sensitive Files" research: https://www.cyberark.com/resources/threat-research-blog/hunting-azure-blobs-exposes-millions-of-sensitive-files Overvi...

7AI score
Exploits0References3
Microsoft Secure
Microsoft Secure
added 2021/04/08 6:0 p.m.59 views

Threat matrix for storage services

The move to cloud is happening faster than ever before and organizations are increasing their dependency on cloud storage services. In fact, Microsoft Azure Storage services are one of the most popular services in the cloud. Companies need effective threat protection and mitigation strategies and...

0.5AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/04/08 6:0 p.m.56 views

Threat matrix for storage services

The move to cloud is happening faster than ever before and organizations are increasing their dependency on cloud storage services. In fact, Microsoft Azure Storage services are one of the most popular services in the cloud. Companies need effective threat protection and mitigation strategies and...

0.5AI score
Exploits0
Talos
Talos
added 2020/03/09 12:0 a.m.70 views

WAGO PFC200 Cloud Connectivity Multiple Command Injection Vulnerabilities

Summary An exploitable command injection vulnerability exists in the cloud connectivity feature of WAGO PFC200. An attacker can inject operating system commands into any of the parameter values contained in the firmware update command. Tested Versions WAGO PFC200 Firmware version 03.02.0214 WAGO...

9CVSS7.4AI score0.04614EPSS
Exploits1
OSV
OSV
added 2017/09/13 5:29 p.m.5 views

CVE-2017-14427

D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 and REV. B with firmware through FW208WWb02 devices have 0666 /var/run/storageaccountroot permissions...

7.8CVSS5.8AI score0.0034EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/09/13 5:0 p.m.18 views

CVE-2017-14427

D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 and REV. B with firmware through FW208WWb02 devices have 0666 /var/run/storageaccountroot permissions...

8.4AI score0.0034EPSS
Exploits1References1
Rows per page
Query Builder