CVE-2023-41823

An improper export vulnerability was reported in the Motorola Phone Extension application, that could allow a local attacker to execute unauthorized Activities...

Motorola Phone Extension 安全漏洞

Motorola Phone Extension is a cell phone application from Motorola USA. A security vulnerability exists in Motorola Phone Extension, which stems from an incorrect export vulnerability that could allow a local attacker to perform unauthorized activities...

Exploit for Code Injection in Apache Ofbiz

Apache OFBiz Authentication Bypass Vulnerability CVE-2023-514...

Exploit for CVE-2021-34527

CVE-2021-34527 PrintNightmare PoC 👾 📝 Description This sim...

Exploit for Out-of-bounds Write in Linux Linux_Kernel

Project Name CVE-2021-22555 attack script Description Th...

Authorization

This vulnerability exists in Milesight 4K/H.265 Series NVR models MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC, due to improper authorization at the Milesight NVR web-based management interface. A remote attacker could exploit this vulnerability by sending a specially...

CVE-2022-30712

Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities...

GHSA-H2XH-JVPF-XQ42 Zope does not properly perform security registration for legacy names

Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities...

Zope does not properly perform security registration for legacy names

Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities...

GHSA-WCWP-R3FJ-MM3P Zope DTML implementation Improper Authentication

The DTML implementation in the Z Object Publishing Environment Zope allows remote attackers to conduct unauthorized activities...

Zope DTML implementation Improper Authentication

The DTML implementation in the Z Object Publishing Environment Zope allows remote attackers to conduct unauthorized activities...

CVE-2021-20405

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to perform unauthorized activities due to improper encoding of output. IBM X-Force ID: 196183...

Design/Logic Flaw

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to perform unauthorized activities due to improper encoding of output. IBM X-Force ID: 196183...

CVE-2021-20405

CVE-2021-20405 affects IBM Security Verify Information Queue (ISIQ) versions 1.0.6 and 1.0.7. The root cause is improper encoding of output in web error/message handling, which could allow a user to perform unauthorized activities or disclose information via improperly encoded responses. IBM’s bu...

IBM Security Verify Information Queue 授权问题漏洞

IBM Security Verify Information Queue is a cross-product integrator that leverages Kafka technology and a publish/subscribe model to integrate data between IBM security products. An elevation of privilege vulnerability exists in IBM Security Verify Information Queue. The vulnerability stems from...

Denail Of Service (DoS)

Polygen is vulnerable to denial of service. Precompiled grammar objects with world-writable permissions that are generated allows local users to cause a denial of service disk consumption and possibly perform other unauthorized activities...

PiDense - Monitor Illegal Wireless Network Activities (Fake Access Points)

Monitor illegal wireless network activities. Similar SSID broadcasts Same SSID broadcasts Calculates unencrypted wireless networks density Watches SSID broadcasts at the blacklist. Capabilities Now Calculates Unencrypted wireless network density Finds same ssid, different encryption Working...

CVE-2009-3041

SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 does not use proper access control for 1 ecrire/exec/install.php and 2 ecrire/index.php, which allows remote attackers to conduct unauthorized activities related to installation and backups, as exploited in the wild in August 2009...

Design/Logic Flaw

SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 does not use proper access control for 1 ecrire/exec/install.php and 2 ecrire/index.php, which allows remote attackers to conduct unauthorized activities related to installation and backups, as exploited in the wild in August 2009...

CVE-2009-3041

CVE-2009-3041 affects SPIP 1.9 prior to 1.9.2i and 2.0.x up to 2.0.8. The vulnerability is caused by improper access control in the files ecrire/exec/install.php and ecrire/index.php , allowing remote attackers to perform unauthorized actions related to installation and backups. The issue was exp...