16 matches found
CVE-2024-6295
udn News Android APP stores the unencrypted user session in the local database when user log into the application. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by udn...
CVE-2024-6294
udn News Android APP stores the user session in logcat file when user log into the APP. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by udn...
CVE-2024-6295 udn News App - Insecure Data Storage
udn News Android APP stores the unencrypted user session in the local database when user log into the application. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by udn...
CVE-2024-6295
CVE-2024-6295 concerns the udn News Android APP, where the app stores the unencrypted user session in the local database after login. The connected CNNVD entry specifies that versions prior to 4.20.1 are affected, enabling a malicious app or an attacker with physical access to retrieve the sessio...
CVE-2024-6295 udn News App - Insecure Data Storage
udn News Android APP stores the unencrypted user session in the local database when user log into the application. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by udn...
CVE-2024-6294 udn News App - Sensitive Information Exposure
udn News Android APP stores the user session in logcat file when user log into the APP. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by udn...
CVE-2024-6294
The CVE-2024-6294 entry concerns udn News Android APP storing the user session in a logcat file during login, enabling a local attacker with physical access or a malicious app to retrieve the session and log into the news app and other services. Public sources confirm the issue as an information ...
SUSE CVE-2012-5959
Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN aka uuid field within a...
SUSE CVE-2012-5961
Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices 1.3.1 allows remote attackers to execute arbitrary code via a long UDN aka device field in a UDP packet...
VulnCheck KEV: CVE-2012-5959
Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN aka uuid field...
udn.com XSS vulnerability
Open Bug Bounty ID: OBB-401702 Description| Value ---|--- Affected Website:| udn.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...
udn.com Open Redirect vulnerability
Vulnerable URL: https://udn.com/redir.html?url=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| Verification in progress Latest check for patch:| 31.12.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 711 VIP website status:|...
CVE-2012-5959
Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN aka uuid field within a...
CVE-2012-5960
Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN aka upnp:rootdevice field ...
CVE-2012-5961
CVE-2012-5961 affects the Portable SDK for UPnP Devices (libupnp) 1.3.1, where a stack-based buffer overflow in unique_service_name() in ssdp/ssdp_server.c allows remote attackers to execute arbitrary code via a long UDN in a UDP packet. Connected advisories show multiple vendor updates (e.g., op...
CVE-2012-5960
Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN aka upnp:rootdevice field ...