Lucene search
K

88 matches found

CNVD
CNVD
added 2018/07/04 12:0 a.m.2 views

SP8DE Token (SPX) Integer Overflow Vulnerability

SP8DE Token SPX is a smart contract that runs on Ether. An integer overflow vulnerability exists in the mint function in SP8DE Token SPX. An attacker could use this vulnerability to arbitrarily retrieve a minted token...

7.5CVSS7.1AI score0.00923EPSS
Exploits0References1
CNVD
CNVD
added 2018/05/03 12:0 a.m.3 views

Useless Ethereum Token Information Disclosure Vulnerability

Useless Ethereum Token UET is a virtual currency. A security vulnerability exists in the 'transferFrom' function implemented by smart contract in UET, which stems from the program's failure to correctly compute calculations containing the 'value' parameter. The vulnerability can be exploited by a...

7.5CVSS6.9AI score0.01595EPSS
Exploits3References1
exploitpack
exploitpack
added 2018/01/11 12:0 a.m.16 views

Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation

Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation Windows: NtImpersonateAnonymousToken AC to Non-AC EoP Platform: Windows 10 1703 and 1709 Class: Elevation of Privilege Summary: The check for an AC token when impersonating the anonymous token doesn’t check...

0.6AI score
Exploits0
OSV
OSV
added 2016/04/07 11:59 p.m.11 views

CVE-2016-0790

Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify API tokens, which makes it easier for remote attackers to determine API tokens via a brute-force approach...

5.3CVSS7AI score
Exploits0References3
Hacker One
Hacker One
added 2014/05/30 9:25 p.m.9 views

X (Formerly Twitter): Token remains alive ever after logging out!

Please check the video for Full Proof of Concept...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/04/27 12:0 a.m.15 views

Joomla! < 1.5.16 Multiple Vulnerabilities (deprecated)

Binary data 5518.prm...

7.3AI score
Exploits0References4
canvas
canvas
added 2005/01/10 5:0 a.m.37 views

Immunity Canvas: MSIMPERSONATE

Name| msimpersonate ---|--- CVE| CVE-2004-0894 Exploit Pack| CANVAS Description| msimpersonate MS04-044 Notes| CVE Name: CVE-2004-0894 VENDOR: Microsoft MSADV: MS04-044 Discovered By: Cesar Cerrudo MSRC: http://www.microsoft.com/technet/security/bulletin/MS04-044.mspx CVE Url:...

7.2CVSS6.4AI score0.03629EPSS
Exploits1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.19 views

Timing attack vector for remember me token

The current rememberme token verification process leaves the application open to a timing attack. Since the default is for the token to be stored as a cookie and for cookies to be encrypted, an attacker would have to know the application secret to exploit this. However, should a custom guard be...

5.9CVSS5.4AI score0.01193EPSS
Exploits0Affected Software1
Rows per page
Query Builder