Lucene search
K

11 matches found

Positive Technologies
Positive Technologies
added 2025/03/11 12:0 a.m.6 views

PT-2025-10897 · Nvidia · Nvidia Riva

Name of the Vulnerable Software and Affected Versions: NVIDIA Riva versions up to and including 2.18.0 Description: The issue is related to improper access control, which could lead to escalation of privileges, data tampering, denial of service, or information disclosure. A successful exploit of...

7.5CVSS7.8AI score0.01896EPSS
Exploits0References25
OSV
OSV
added 2024/05/29 12:11 p.m.7 views

SUSE-SU-2024:1837-1 Security update for nodejs16

This update for nodejs16 fixes the following issues: - CVE-2024-30260: undici: proxy-authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline bsc1222530 - CVE-2024-30261: undici: Ensure that integrity cannot be tampered with bsc1222603...

4.3CVSS4.6AI score0.00803EPSS
Exploits1References5
OSV
OSV
added 2024/03/25 6:57 p.m.7 views

CVE-2024-28850 WP Crontrol possible RCE when combined with a pre-condition

WP Crontrol controls the cron events on WordPress websites. WP Crontrol includes a feature that allows administrative users to create events in the WP-Cron system that store and execute PHP code subject to the restrictive security permissions documented here. While there is no known vulnerability...

8.1CVSS7.9AI score0.00165EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/08/01 1:54 p.m.8 views

cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE

A vulnerability was found in cjose. The cjose is a C library implementing the Javascript Object Signing and Encryption JOSE. The AES GCM decryption routine incorrectly uses the tag length from the actual Authentication Tag provided in the JSON Web Encryption JWE. A fixed length of 16 octets must ...

8.6CVSS5.7AI score0.006EPSS
Exploits1References5
CakePHP
CakePHP
added 2017/11/22 12:0 a.m.23 views

Mozilla Secure Open Source security review published

Mozilla Secure Open Source security review published Earlier this year we were contacted by Mozilla and notified that our application to the Mozilla Secure Open Source program was accepted and that we would be receiving a review through the SOS program. The SOS program provides security auditing,...

7.2AI score
Exploits0
myhack58
myhack58
added 2015/08/01 12:0 a.m.17 views

By hungry cryptography misuse of the actuator to bypass the defense talking about the android cryptographic vulnerability-the vulnerability warning-the black bar safety net

Cryptography is misused in the app is a big problem, almost all apk's checksum algorithm can be simulated Hungry the algorithm robustness and concealment was good, the proposed terms is in order to prove that the signature checking mechanism of the vulnerable Although presented to the hungry, but...

Exploits0
RedHat Linux
RedHat Linux
added 2013/10/17 5:15 p.m.4 views

rubygems: Two security fixes in v1.8.23

RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack...

4.3CVSS7.4AI score0.01374EPSS
Exploits0References4
myhack58
myhack58
added 2009/03/29 12:0 a.m.33 views

iGuard simple break-vulnerability warning-the black bar safety net

Source:Prince InfoGuard,called iGuard,commonly known as the page file to prevent tampering,yesterday night was the stuff of the head,a good study,found a solution,record it. First give a This something to the effect of,just lost a webshell in,not killed,on the server is there,but the access time...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.51 views

bios-backdoors.txt

Date: Tue, 3 Nov 1998 13:22:20 -0600 From: Paul L Schmehl To: [email protected] Subject: BIOS Backdoor Passwords I've been out of the office since posting the comments about the ineffectiveness of BIOS passwords, and I returned to find to my surprise numerous requests for informati...

7.4AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.8 views

Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 Security Update x86 (KB979910)

A security issue has been identified that could allow an attacker to tamper with digitally signed content without being detected, when this content is being consumed by an application that makes use of the Microsoft .NET Framework on a Windows-based system. You can help protect your computer by...

2.7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.14 views

Microsoft .NET Framework 3.5, Windows Vista SP1, and Windows Server 2008 Security Update x86 (KB979913)

A security issue has been identified that could allow an attacker to tamper with digitally signed content without being detected, when this content is being consumed by an application that makes use of the Microsoft .NET Framework on a Windows-based system. You can help protect your computer by...

2.7AI score
Exploits0
Rows per page
Query Builder