Lucene search
+L

153 matches found

code423n4
code423n4
added 2021/05/20 12:0 a.m.15 views

Unbounded loop in _removeNft could lead to a griefing/DOS attack

Handle shw Vulnerability details Impact Griefing/DOS attack is possible when a malicious NFT contract sends many NFTs to the vault, which could cause excessive gas consumed and even transactions reverted when other users are trying to unlock or transfer NFTs. Proof of Concept 1. The function...

6.8AI score
Exploits0
cnnvd
cnnvd
added 2021/04/20 12:0 a.m.1 views

Mozilla Thunderbird 安全漏洞

Mozilla Thunderbird is a set of email client software from the Mozilla Foundation that is separate from the Mozilla Application Suite. Mozilla Thunderbird has a security vulnerability that could be exploited by attackers to perform operations on unlocked keys without having to unlock them...

7.5CVSS8.3AI score0.00853EPSS
Exploits1References8
osv
osv
added 2021/04/06 4:26 p.m.5 views

SUSE-SU-2021:1029-1 Security update for gssproxy

This update for gssproxy fixes the following issues: - CVE-2020-12658: Fixed an issue where gssproxy was not unlocking condmutex before pthread exit in gpworkermain bsc1180515...

9.8CVSS9.5AI score0.01681EPSS
Exploits0References3
hackerone
hackerone
added 2021/01/23 2:19 p.m.65 views

Snapchat: CSRF when unlocking lenses leads to lenses being forcefully installed without user interaction

Hi, The url below allows a user to unlock a particular lens. Once they have opened the URL on their phone, Snapchat opens up and prompts the user to unlock this lens. https://www.snapchat.com/unlock/?type=SNAPCODE&uuid=6ff5a565fca249a1948b1963ee2881b4&metadata=01 By changing the value of type in...

Exploits0
cnnvd
cnnvd
added 2020/12/31 12:0 a.m.10 views

Rust Security Vulnerabilities

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in rusqlite crate before 0.23.0 for Rust, which stems from a memory safety violation that can be exploited via unlocking...

9.8CVSS5.8AI score0.01715EPSS
Exploits0References3
schneier
schneier
added 2020/12/18 12:53 p.m.122 views

US Schools Are Buying Cell Phone Unlocking Systems

Gizmodo is reporting that schools in the US are buying equipment to unlock cell phones from companies like Cellebrite: Gizmodo has reviewed similar accounting documents from eight school districts, seven of which are in Texas, showing that administrators paid as much $11,582 for the controversial...

2.1AI score
Exploits0
cnnvd
cnnvd
added 2020/11/30 12:0 a.m.11 views

Tesla Model X Data Falsification Issue Vulnerability

Tesla The Tesla Model X is a new energy vehicle from the American company Tesla. Tesla Model X vehicles versions prior to 2020-11-23 suffer from a security vulnerability that stems from having critical fobs that can accept firmware updates without signature verification.This allows an attacker to...

6.5CVSS6.7AI score0.00406EPSS
Exploits1References2
openvas
openvas
added 2020/11/20 12:0 a.m.6 views

GaussDB Kernel: Configuring the Automatic Account Unlocking Time

Configure the automatic account unlocking time for locked abnormal accounts. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

7.4AI score
Exploits0
openvas
openvas
added 2020/11/20 12:0 a.m.7 views

GaussDB Kernel: Enabling the Auditing of Database Locking and Unlocking

The parameter audituserlocked specifies whether to audit the locking and unlocking of database users. After this parameter is set to on, the locking status of database accounts is traced. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources,...

7.2AI score
Exploits0
openvas
openvas
added 2020/11/11 12:0 a.m.9 views

openGauss: Enabling the Auditing of Database Locking and Unlocking

The parameter audituserlocked specifies whether to audit the locking and unlocking of database users. After this parameter is set to on, the locking status of database accounts is traced. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources,...

7.2AI score
Exploits0References1
openvas
openvas
added 2020/11/11 12:0 a.m.8 views

openGauss: Configuring the Automatic Account Unlocking Time

Configure the automatic account unlocking time for locked abnormal accounts. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

7.4AI score
Exploits0References1
nvd
nvd
added 2020/09/10 2:15 a.m.16 views

CVE-2020-24655

A race condition in the Twilio Authy 2-Factor Authentication application before 24.3.7 for Android allows a user to potentially approve/deny an access request prior to unlocking the application with a PIN on older Android devices effectively bypassing the PIN requirement...

5.1CVSS0.00225EPSS
Exploits0References1
cnvd
cnvd
added 2020/05/28 12:0 a.m.4 views

Huawei Honor 9X License Issue Vulnerability

Huawei Honor 9X is a smartphone from Chinese company Huawei Huawei. An authorization issue vulnerability exists in the handling of the Alarm Clock feature in previous versions of Huawei Honor 9X 9.1.1.172 C00E170R8P1. An attacker can exploit the vulnerability with the help of a specially crafted...

2.4CVSS6.7AI score0.00247EPSS
Exploits0References1
cnvd
cnvd
added 2020/03/25 12:0 a.m.1 views

Samsung Mobile Device Input Validation Error Vulnerability (CNVD-2020-33791)

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An input validation error vulnerability exists in Samsung mobile devices, which can be exploited by an attacker to enable OEM unlocking on KG-registered devices and download custom...

5.5CVSS6.6AI score0.00126EPSS
Exploits0References1
wired
wired
added 2019/08/07 8:51 p.m.55 views

How AT&T Insiders Were Bribed to 'Unlock' Millions of Phones

One cybersecurity threat that’s proven difficult for wireless carriers to combat? Their own employees...

2.9AI score
Exploits0
wired
wired
added 2019/06/14 10:5 p.m.214 views

Cellebrite Now Says It Can Unlock Any iPhone for Cops

In a strangely public product announcement, the phone-cracking firm revealed a powerful new device...

2.7AI score
Exploits0
prion
prion
added 2019/05/31 12:29 p.m.18 views

Authentication flaw

The Xiaomi M365 scooter 2019-02-12 before 1.5.1 allows spoofing of "suddenly accelerate" commands. This occurs because Bluetooth Low Energy commands have no server-side authentication check. Other affected commands include suddenly braking, locking, and unlocking...

3.3CVSS6.7AI score0.0084EPSS
Exploits1References1Affected Software1
androidsecurity
androidsecurity
added 2019/04/01 12:0 a.m.75 views

Android Security Bulletin—April 2019Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2019-04-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

10CVSS8.5AI score0.01224EPSS
Exploits0
androidsecurity
androidsecurity
added 2019/04/01 12:0 a.m.11 views

Pixel Update Bulletin—April 2019Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Google Pixel devices Google devices. For Google devices, security patch levels of 2019-04-05 or later address all issues in this bulletin and all issues in the April 2019 Android...

7.8AI score
Exploits0
nessus
nessus
added 2018/09/12 12:0 a.m.27 views

FreeBSD : X11 Session -- SDDM allows unauthorised unlocking (f00acdec-b59f-11e8-805d-001e2a3f778d)

MITRE reports : An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. The default configuration of SDDM on...

7.5CVSS6.5AI score0.01019EPSS
Exploits0References3
Rows per page
Query Builder