Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-34810

Malicious code in bioql PyPI...

7.4CVSS6.6AI score0.00192EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/26 9:48 p.m.19 views

CVE-2024-34454

Nintendo Wii U OS 5.5.5 allows man-in-the-middle attackers to forge SSL certificates as though they came from a Root CA, because there is a secondary verification mechanism that only checks whether a CA is known and ignores the CA details and signature and because is accepted as a Common Name...

6.8AI score0.00192EPSS
Exploits0References2
CVE
CVE
added 2020/12/29 5:57 p.m.61 views

CVE-2020-9207

CVE-2020-9207 describes an improper authentication vulnerability in Huawei CloudEngine products. A module fails to verify input files, allowing attackers to craft malicious files to bypass verification and potentially disrupt normal service. Connected sources confirm the issue affects Huawei Clou...

7.8CVSS7.7AI score0.00559EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/12/07 4:15 p.m.16 views

Remote code execution

Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via administrator privileges. The Baseboard Management Controller BMC program of INSPUR server is weak in checking the firmware and lacks the signature verification mechanism, the attacker who obtains the...

6.5CVSS7.4AI score0.01164EPSS
Exploits0References2Affected Software15
Cvelist
Cvelist
added 2020/12/07 3:34 p.m.22 views

CVE-2020-26122

Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via administrator privileges. The Baseboard Management Controller BMC program of INSPUR server is weak in checking the firmware and lacks the signature verification mechanism, the attacker who obtains the...

7.5AI score0.01164EPSS
Exploits0References2
Veracode
Veracode
added 2020/08/03 6:13 a.m.25 views

Remote Code Execution

friendsoftypo3/mediace is vulnerable to remote code execution. An attacker who has access to Extbase plugin or module action within a TYPO3 installation is able to execute arbitrary code by injecting arbitrary data with a valid cryptographic MAC. The vulnerability exists due to an insecure intern...

9.8CVSS4.1AI score0.02721EPSS
Exploits1References4Affected Software1
Typo3
Typo3
added 2020/07/28 12:0 a.m.36 views

Sensitive Information Disclosure

It has been discovered that an internal verification mechanism can be used to generate arbitrary checksums. This allows to inject arbitrary data having a valid cryptographic message authentication code HMAC-SHA1 and can lead to various attack chains as described below...

6.8CVSS3.2AI score0.02575EPSS
Exploits1Affected Software1
Prion
Prion
added 2019/12/23 6:15 p.m.18 views

Code injection

On versions 15.0.0-15.0.1.1, the BIG-IP ASM Cloud Security Services profile uses a built-in verification mechanism that fails to properly authenticate the X.509 certificate of remote endpoints...

5.8CVSS7.4AI score0.00483EPSS
Exploits0References1Affected Software1
myhack58
myhack58
added 2019/04/25 12:0 a.m.58 views

With Yahoo and Paypal is related to two distinct vulnerabilities-vulnerability warning-the black bar safety net

! This article share with Yahoo and Paypal is related to two unique vulnerability, one for Yahoo IDOR vulnerability insecure direct object references, another for Paypal, DoS vulnerabilities, two vulnerabilities found are for the Indian security engineers, which found that principles and ideas ar...

6.9AI score
Exploits0
OSV
OSV
added 2017/04/04 2:59 p.m.20 views

CVE-2017-3204

The Go SSH library x/crypto/ssh by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey verification mechanism...

8.1CVSS6.5AI score
Exploits0References5
Vulnerability Lab
Vulnerability Lab
added 2016/08/12 12:0 a.m.107 views

PayPal Inc BB #127 - 2FA Bypass Vulnerability

Document Title: =============== PayPal Inc BB 127 - 2FA Bypass Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1903 Release Date: ============= 2016-08-12 Vulnerability Laboratory ID VL-ID: ==================================== 1903 Common...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/09/24 12:0 a.m.35 views

Cisco Unified IP Phones Multiple Vulnerabilities (cisco-sa-20110601-phone)

According to its self-reported version, the version of the Cisco Unified IP Phone software running on the remote device has the following vulnerabilities : - Cisco Unified IP Phones 7900 series are prone to privilege escalation vulnerabilities. An authenticated attacker could exploit this issue t...

6.6CVSS5.6AI score0.00271EPSS
Exploits0References4
Rows per page
Query Builder