Lucene search
K

63 matches found

Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.23 views

Juniper Junos OS Unchecked Return Value (JSA73149)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA73149 advisory. - An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML Management Protocol, th...

8.8CVSS8AI score0.00582EPSS
Exploits0References5
Pen Test Partners Blog
Pen Test Partners Blog
added 2023/10/10 5:4 a.m.46 views

IoT Secure Development Guide

Introduction This guide deals with threat modelling and early stages of development so that security issues and controls are identified before committing to manufacturing. Current attack methods, and the pitfalls we find in embedded designs, have been highlighted so that a finished product is as...

8AI score
Exploits0
Prion
Prion
added 2023/05/30 5:15 a.m.28 views

Hardcoded credentials

ToUI is a Python package for creating user interfaces websites and desktop apps from HTML. ToUI is using Flask-Caching SimpleCache to store user variables. Websites that use Website.uservars property. It affects versions 2.0.1 to 2.4.0. This issue has been patched in version 2.4.1...

5CVSS7.5AI score0.00651EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/05/30 4:31 a.m.33 views

CVE-2023-33175 ToUI allows user-specific variables to be shared between users

ToUI is a Python package for creating user interfaces websites and desktop apps from HTML. ToUI is using Flask-Caching SimpleCache to store user variables. Websites that use Website.uservars property. It affects versions 2.0.1 to 2.4.0. This issue has been patched in version 2.4.1...

9.1CVSS7.8AI score0.00651EPSS
Exploits0References4
CVE
CVE
added 2023/05/30 4:31 a.m.72 views

CVE-2023-33175

ToUI is affected by CVE-2023-33175 due to improper handling of the Website.user_vars attribute when using Flask-Caching (SimpleCache). The root cause is that user-specific variables are stored on the server-side cache, allowing exposure across users. Affected versions are 2.0.1 through 2.4.0; the...

9.1CVSS8.4AI score0.00651EPSS
Exploits0References2Affected Software1
Securelist
Securelist
added 2023/02/07 8:0 a.m.19 views

Web beacons on websites and in e-mail

There is a vast number of trackers, which gather information about users activities online. For all intents and purposes, we have grown accustomed to online service providers, marketing agencies, and analytical companies tracking our every mouse click, our social posts, browser and streaming...

Exploits0
Hacker One
Hacker One
added 2022/09/23 6:24 p.m.12 views

MetaMask: Possible to spoof Origin in "Connected Sites"

A vulnerability was discovered in MetaMask that allowed for the spoofing of the origin domain name in the "Connected Sites" list. This was caused by a CSS style sheet that set the direction to "right-to-left", which resulted in the order of characters in the domain name being messed up and...

6.9AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 9:58 a.m.11 views

Security Bulletin: Cross-Site Request Forgery vulnerability in IBM InfoSphere Master Data Management Server (CVE-2014-0873)

Summary The IBM InfoSphere Master Data Management Server User Interfaces are vulnerable to Cross-Site Request Forgery attacks. Vulnerability Details CVE ID: CVE-2014-0873 DESCRIPTION: Due to insufficient safeguards against cross-site request forgery in the IBM InfoSphere Master Data Management...

6.8CVSS5.9AI score0.0057EPSS
Exploits0Affected Software2
CNNVD
CNNVD
added 2021/10/28 12:0 a.m.4 views

Huawei Smartphone 竞争条件问题漏洞

The Huawei Smartphone is a smartphone from the Chinese company Huawei. A security vulnerability exists in Huawei Emui and Magic UI, which can be exploited by an attacker to cause an anomaly when managing the system's trust list...

4.3CVSS5.9AI score0.00342EPSS
Exploits0References2
OSV
OSV
added 2021/05/18 6:1 a.m.12 views

ALEA-2021:1755 new module: swig:4.0

The simplified wrapper and interface generator SWIG is a software development utility to connect C, C++, and Objective C programs with a variety of high-level programming languages. SWIG is used to create high-level interpreted programming environments, systems integration, and as a utility for...

6.7AI score
Exploits0References1
Fedora
Fedora
added 2021/03/20 12:21 a.m.66 views

[SECURITY] Fedora 34 Update: gtk4-4.1.2-1.fc34

GTK is a multi-platform toolkit for creating graphical user interfaces. Offering a complete set of widgets, GTK is suitable for projects ranging from small one-off tools to complete application suites. This package contains version 4 of GTK...

5.5CVSS3.2AI score0.00639EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/01/25 12:0 a.m.15 views

Fedora: Security Advisory for sddm (FEDORA-2021-7066b95c99)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.3CVSS6.4AI score0.00415EPSS
Exploits1References2
OSV
OSV
added 2020/05/20 2:15 p.m.1 views

CVE-2020-3956

VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 do not properly handle input leading to a code injection vulnerability. An authenticated actor may be able to send malicious traffic to VMware Cloud Director which may lead to...

8.8CVSS7.8AI score0.211EPSS
Exploits11References4
OSV
OSV
added 2020/04/15 2:15 p.m.3 views

CVE-2020-2945

Vulnerability in the Oracle Financial Services Deposit Insurance Calculations for Liquidity Risk Management product of Oracle Financial Services Applications component: User Interfaces. Supported versions that are affected are 8.0.7 and 8.0.8. Easily exploitable vulnerability allows low privilege...

7.1CVSS7.1AI score0.0121EPSS
Exploits0References1
OSV
OSV
added 2020/04/15 2:15 p.m.3 views

CVE-2020-2891

Vulnerability in the Oracle Financial Services Liquidity Risk Management product of Oracle Financial Services Applications component: User Interfaces. The supported version that is affected is 8.0.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

7.1CVSS7.1AI score0.01195EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/04/15 1:29 p.m.10 views

CVE-2020-2891

Vulnerability in the Oracle Financial Services Liquidity Risk Management product of Oracle Financial Services Applications component: User Interfaces. The supported version that is affected is 8.0.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

7.1CVSS6.2AI score0.01195EPSS
Exploits0References1
Cent OS
Cent OS
added 2018/11/15 7:12 p.m.151 views

xorg security update

CentOS Errata and Security Advisory CESA-2018:3410 An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

7.2CVSS7AI score0.2704EPSS
Exploits39References7
The Hacker News
The Hacker News
added 2018/10/03 6:36 p.m.224 views

Wi-Fi Gets Simplified Version Numbers and Next Version is Wi-Fi 6

Do you know what is the latest version of Wi-Fi? It's okay if you don't know. It is — Wi-Fi is 802.11ac. I am sure many of us can't answer this question immediately because the Wi-Fi technology doesn't have a traditional format of version numbers… at least until yesterday. The Wi-Fi Alliance—the...

0.3AI score
Exploits0
Fedora
Fedora
added 2018/08/11 7:13 p.m.44 views

[SECURITY] Fedora 28 Update: mingw-glibmm24-2.56.0-1.fc28

glibmm provides a C++ interface to the GTK+ GLib low-level core library. Highlights include typesafe callbacks, widgets extensible via inheritance and a comprehensive set of widget classes that can be freely combined to quickly create complex user interfaces...

7.8CVSS2.2AI score0.05033EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2017/08/01 12:6 p.m.6 views

Moderate: Red Hat Bug Fix Advisory: GTK+ bug fix update

An update for GTK+ is now available for Red Hat Enterprise Linux 7. The GTK+ packages contain the GIMP ToolKit GTK+, a library for creating graphical user interfaces for the X Window System. For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes...

9.3CVSS6.7AI score0.03868EPSS
Exploits0References23
Rows per page
Query Builder