5 matches found
CVE-2019-25437
CVE-2019-25437 affects Foscam Video Management System 1.1.6.6. A buffer overflow in the UID field can crash the application via a 5000-character UID input during device addition, triggered when the Login Check function runs. The issue is locally exploitable with low attack complexity and no privi...
CVE-2019-25437 Foscam Video Management System 1.1.6.6 Buffer Overflow Denial of Service
Foscam Video Management System 1.1.6.6 contains a buffer overflow vulnerability in the UID field that allows local attackers to crash the application by supplying an excessively long string. Attackers can input a 5000-character buffer into the UID parameter during device addition to trigger an...
Authentication flaw
omniauth-apple is the OmniAuth strategy for "Sign In with Apple" (RubyGem omniauth-apple). In omniauth-apple before version 1.0.1, attackers can fake their email address during authentication. This vulnerability impacts applications using the omniauth-apple strategy of OmniAuth and using the...
CVE-2012-4604
The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a crafted userRoles field, in a cookie, as demonstrated by a request to explorerwse/favorites.exe...
CVE-2012-4604
The CVE-2012-4604 issue affects the TRITON management console in Websense Web Security prior to 7.6 Hotfix 24. An authentication bypass vulnerability allows remote attackers to read arbitrary reports by tampering with cookies containing a crafted uid field and a crafted userRoles field, as demons...