Lucene search
K

401 matches found

Openbugbounty
Openbugbounty
added 2022/03/07 9:15 a.m.13 views

tk-expert.de Improper Access Control vulnerability OBB-2413318

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

0.1AI score
Exploits0
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.9 views

WordPress TK Event Weather plugin <= 1.6.6 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress TK Event Weather plugin versions = 1.6.6. Solution No patched version available...

3.7AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.15 views

WordPress TK Event Weather plugin <= 1.6.6 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress TK Event Weather plugin versions = 1.6.6. Solution No patched version available...

2.1AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.8 views

WordPress TK Google Fonts GDPR Compliant plugin <= 2.2.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress TK Google Fonts GDPR Compliant plugin versions = 2.2.0. Solution Update the WordPress TK Google Fonts GDPR Compliant plugin to the latest available version at least 2.2.1...

3.5AI score
Exploits0References2Affected Software1
OSV
OSV
added 2022/02/18 3:29 a.m.5 views

SUSE-FU-2022:0484-1 Feature update for tcl and tk

This feature update for tcl and tk fix the following issues: Update tcl and tk to version 8.6.12 jscSLE-21015, jscSLE-23283: - Move tcl.macros to /usr/lib/rpm/macros.d bsc1185662 - Use FAT LTO objects in order to provide proper static library bsc1138797 - Fix tcl build issues on s390 architecture...

7.8CVSS8.2AI score0.01639EPSS
Exploits1References9
Fedora
Fedora
added 2022/02/04 1:23 a.m.31 views

[SECURITY] Fedora 34 Update: python-pillow-8.1.2-6.fc34

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...

9.8CVSS8.7AI score0.03399EPSS
Exploits0
Fedora
Fedora
added 2021/11/12 12:38 a.m.15 views

[SECURITY] Fedora 35 Update: q-7.11-44.fc35

Q is a powerful and extensible functional programming language based on the term rewriting calculus. You specify an arbitrary system of equations which the interpreter uses as rewrite rules to reduce expressions to normal form. Q is useful for scientific programming and other advanced application...

7.1AI score
Exploits0
Fedora
Fedora
added 2021/09/21 3:33 p.m.43 views

[SECURITY] Fedora 34 Update: python-pillow-8.1.2-5.fc34

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...

7.5CVSS7.8AI score0.03154EPSS
Exploits1
NVD
NVD
added 2021/07/07 2:15 p.m.28 views

CVE-2020-24142

Server-side request forgery in the Video Downloader for TikTok aka downloader-tiktok plugin 1.3 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the njt-tk-download-video parameter. It can help identify open ports, local network hos...

9.8CVSS0.01684EPSS
Exploits0References1
Prion
Prion
added 2021/07/07 2:15 p.m.11 views

Directory traversal

Directory traversal in the Video Downloader for TikTok aka downloader-tiktok plugin 1.3 for WordPress lets an attacker get access to files that are stored outside the web root folder via the njt-tk-download-video parameter...

5CVSS7.5AI score0.01967EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/07/07 2:15 p.m.22 views

Server side request forgery (ssrf)

Server-side request forgery in the Video Downloader for TikTok aka downloader-tiktok plugin 1.3 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the njt-tk-download-video parameter. It can help identify open ports, local network hos...

7.5CVSS9.3AI score0.01684EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/07/07 1:35 p.m.33 views

CVE-2020-24142

Server-side request forgery in the Video Downloader for TikTok aka downloader-tiktok plugin 1.3 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the njt-tk-download-video parameter. It can help identify open ports, local network hos...

9.5AI score0.01684EPSS
Exploits0References1
Fedora
Fedora
added 2021/06/03 1:1 a.m.60 views

[SECURITY] Fedora 33 Update: python-pillow-7.2.0-6.fc33

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

9.1CVSS1.4AI score0.02876EPSS
Exploits0
Fedora
Fedora
added 2021/03/19 8:28 p.m.69 views

[SECURITY] Fedora 34 Update: python-pillow-8.1.2-1.fc34

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

7.5CVSS1.4AI score0.04851EPSS
Exploits0
Fedora
Fedora
added 2021/03/15 1:20 a.m.47 views

[SECURITY] Fedora 33 Update: python-pillow-7.2.0-5.fc33

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

9.8CVSS1.4AI score0.04851EPSS
Exploits0
Fedora
Fedora
added 2021/03/15 1:8 a.m.55 views

[SECURITY] Fedora 32 Update: python-pillow-7.0.0-7.fc32

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

9.8CVSS1.4AI score0.04851EPSS
Exploits0
OSV
OSV
added 2021/02/01 9:15 p.m.3 views

CVE-2019-20468

An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It has unnecessary permissions such as READEXTERNALSTORAGE, WRITEEXTERNALSTORAGE, and READCONTACTS...

9.8CVSS7.3AI score0.02295EPSS
Exploits0References3
NVD
NVD
added 2021/02/01 9:15 p.m.49 views

CVE-2019-20468

An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It has unnecessary permissions such as READEXTERNALSTORAGE, WRITEEXTERNALSTORAGE, and READCONTACTS...

9.8CVSS9.5AI score0.02295EPSS
Exploits0References3
NVD
NVD
added 2021/02/01 9:15 p.m.20 views

CVE-2019-20473

An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a "Remove PIN and restart!" message, and cannot be used. This makes it easier for an attacker to use...

6.8CVSS6.5AI score0.00394EPSS
Exploits0References3
NVD
NVD
added 2021/02/01 9:15 p.m.24 views

CVE-2019-20471

An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. When using the device at initial setup, a default password is used 123456 for administrative purposes. There is no prompt to change this password. Note that this password can be used in combination with CVE-2019-2047...

7.8CVSS7.5AI score0.00352EPSS
Exploits0References3
Rows per page
Query Builder