7411 matches found
CVE-2023-40040
An issue was discovered in the MyCrops HiGrade "THC Testing & Cannabi" application 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in some situations. NOTE: this is only exploitable on Android versions that lack...
CVE-2023-40040
An issue was discovered in the MyCrops HiGrade "THC Testing & Cannabi" application 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in some situations. NOTE: this is only exploitable on Android versions that lack...
CVE-2023-40040
The CVE-2023-40040 entry affects MyCrops HiGrade “THC Testing & Cannabi” app 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in scenarios where Android lacks runtime permission checks, specifically on Android SDK 5.1...
Drupal 10.1.2 - web-cache-poisoning-External-service-interaction Vulnerability
Title: drupal-10.1.2 web-cache-poisoning-External-service-interaction Author: nu11secur1ty Vendor: https://www.drupal.org/ Software: https://www.drupal.org/download Reference: https://portswigger.net/kb/issues/00300210external-service-interaction-http Description: It is possible to induce the...
Best Practices for Testing Akamai App & API Protector
...
[SECURITY] Fedora 38 Update: python3.8-3.8.18-1.fc38
Python 3.8 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.8, see other distributions that support it, such as an older Fedora release...
A history of ransomware: How did it get this far?
Today's ransomware is the scourge of many organizations. But where did it start? If we define ransomware as malware that encrypts files to extort the owner of the system, then the first malware that could be classified as ransomware is the 1989 AIDS Trojan. However, while it encrypted filenames a...
GHSA-P986-HPR3-493P Missing permission checks in Jenkins Frugal Testing Plugin
A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials...
CSRF vulnerability in Jenkins Frugal Testing Plugin
A cross-site request forgery CSRF vulnerability in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers to connect to Frugal Testing using attacker-specified credentials, and to retrieve test IDs and names from Frugal Testing, if a valid credential corresponds to the attacker-specified...
Missing permission checks in Jenkins Frugal Testing Plugin
A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials...
GHSA-G6RX-2W84-XMGJ CSRF vulnerability in Jenkins Frugal Testing Plugin
A cross-site request forgery CSRF vulnerability in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers to connect to Frugal Testing using attacker-specified credentials, and to retrieve test IDs and names from Frugal Testing, if a valid credential corresponds to the attacker-specified...
CVE-2023-41946
A cross-site request forgery CSRF vulnerability in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers to connect to Frugal Testing using attacker-specified credentials, and to retrieve test IDs and names from Frugal Testing, if a valid credential corresponds to the attacker-specified...
CVE-2023-41947
A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials...
CVE-2023-41947
A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers to connect to Frugal Testing using attacker-specified credentials, and to retrieve test IDs and names from Frugal Testing, if a valid credential corresponds to the attacker-specified...
Design/Logic Flaw
A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials...
CVE-2023-36387 Apache Superset: Improper API permission for low privilege users
An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections...
CVE-2023-41947
A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials...
CVE-2023-41947
A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials...
CVE-2023-41947
CVE-2023-41947 affects Jenkins Frugal Testing Plugin 1.1 and earlier. The root cause is a missing permission check, allowing attackers with Overall/Read permissions to connect to Frugal Testing using attacker-specified credentials. Documented impact is limited to the ability to connect with suppl...