Lucene search
+L

138 matches found

ibm
ibm
added 2022/02/22 7:27 p.m.26 views

Security Bulletin: Potential security vulnerability in the WebSphere Application Server Admin Console affects Tivoli Storage Productivity Center (CVE-2017-1501)

Summary There is a potential security vulnerability in the WebSphere Application Server Admin Console affecting Tivoli Storage Productivity Center if you have updated the web services security bindings settings. If you changed the cipher suites in the web services security bindings settings, they...

5.9CVSS5.9AI score0.02033EPSS
Exploits0Affected Software1
ibm
ibm
added 2021/04/13 8:46 p.m.89 views

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2018-1288 DESCRIPTION: Apache Kafka could allow a remote authenticated attacker to bypass security restrictions. By using a manually created fetch request interfering with data replication, an attacker cou...

10CVSS0.5AI score0.87218EPSS
Exploits16Affected Software1
threatpost
threatpost
added 2021/02/04 7:26 p.m.15 views

Nespresso Smart Cards Brewed with Weak Security

Researchers have demonstrated how to outsmart Nespresso Pro machines that use certain smart cards, hacking them to dispense coffee on-demand. Nespresso produces a range of coffees and machines for personal and professional use. Some of the commercial machines accept Mifare Classic stored-value...

7.2AI score
Exploits0References10
prion
prion
added 2021/02/04 6:15 a.m.23 views

Code injection

An issue was discovered on LG Wing mobile devices with Android OS 10 software. The biometric sensor has weak security properties. The LG ID is LVE-SMP-200030 February 2021...

7.5CVSS9.2AI score0.00437EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2021/02/04 5:15 a.m.31 views

CVE-2021-26688

An issue was discovered on LG Wing mobile devices with Android OS 10 software. The biometric sensor has weak security properties. The LG ID is LVE-SMP-200030 February 2021...

9.6AI score0.00437EPSS
Exploits0References1
cvelist
cvelist
added 2020/12/17 4:7 a.m.19 views

CVE-2020-27199

The Magic Home Pro application 1.5.1 for Android allows Authentication Bypass. The security control that the application currently has in place is a simple Username and Password authentication function. Using enumeration, an attacker is able to forge a User specific token without the need for...

7.9AI score0.02875EPSS
Exploits4References1
nessus
nessus
added 2020/10/23 12:0 a.m.30 views

IBM WebSphere Application Server 8.0.0.x < 8.0.0.14 / 8.5.x < 8.5.5.12 / 9.0.x < 9.0.0.5 Weak Security Bindings (CVE-2017-1501)

The IBM WebSphere Application Server running on the remote host is version 8.0.0.x prior to 8.0.0.14, 8.5.0.x prior to 8.5.5.12 or 9.0.x prior to 9.0.0.5. It is, therefore, affected by a vulnerability in the web services security bindings settings. If cipher suites were changed in the web service...

5.9CVSS6.6AI score0.02033EPSS
Exploits0References2
hackerone
hackerone
added 2020/09/26 8:41 p.m.21 views

Mail.ru: Brute Force due to Weak security credentials lead access to LICENSE SYSTEM Web Server on [l.ucs.ru]

Login functionality on l.ucs.ru was not sufficiently protected against bruteforce...

2.5AI score
Exploits0
prion
prion
added 2020/05/13 4:15 p.m.15 views

Default configuration

Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak security login mode that users can control. If the user uses a weak security login method, an attacker c...

6.8CVSS8AI score0.0086EPSS
Exploits0References1Affected Software20
cvelist
cvelist
added 2020/05/13 3:10 p.m.26 views

CVE-2019-9682

Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak security login mode that users can control. If the user uses a weak security login method, an attacker c...

8.1AI score0.0086EPSS
Exploits0References1
nvd
nvd
added 2019/11/15 3:15 p.m.23 views

CVE-2013-4584

Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssloutgoingciphers not being applied to STARTTLS connections...

5.9CVSS5.7AI score0.01522EPSS
Exploits0References6
prion
prion
added 2019/11/15 3:15 p.m.23 views

Code injection

Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssloutgoingciphers not being applied to STARTTLS connections...

4.3CVSS7AI score0.01522EPSS
Exploits0References6Affected Software2
ubuntucve
ubuntucve
added 2019/11/15 3:15 p.m.27 views

CVE-2013-4584

Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssloutgoingciphers not being applied to STARTTLS connections...

5.9CVSS6.2AI score0.01522EPSS
Exploits0References3
cvelist
cvelist
added 2019/11/15 2:4 p.m.30 views

CVE-2013-4584

Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssloutgoingciphers not being applied to STARTTLS connections...

5.7AI score0.01522EPSS
Exploits0References6
cve
cve
added 2019/11/15 2:4 p.m.59 views

CVE-2013-4584

CVE-2013-4584 affects Perdition before 2.2, where an error in handling outbound connections during STARTTLS for IMAP/POP causes ssl_outgoing_ciphers not to be applied. This results in weaker security for outbound connections; the literature does not provide exploit vectors, affected versions beyond

5.9CVSS5.7AI score0.01522EPSS
Exploits0References6Affected Software1
debiancve
debiancve
added 2019/11/15 2:4 p.m.36 views

CVE-2013-4584

Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssloutgoingciphers not being applied to STARTTLS connections...

5.9CVSS5.7AI score0.01522EPSS
Exploits0
wpvulndb
wpvulndb
added 2019/06/26 12:0 a.m.12 views

Live Chat Unlimited <= 2.8.3 - Stored Cross-Site Scripting (XSS)

Weak security measures like bad input field data filtering has been discovered in the 'Live Chat Unlimited'. PoC Go to the demo website https://screets.com/try/lcx/night-bird/ and open chat window by clicking on «Open/close» link, then click on «Online mode» to go online. Use your payload inside...

0.4AI score
Exploits0References2Affected Software1
zdt
zdt
added 2019/06/26 12:0 a.m.305 views

WordPress Live Chat Unlimited 2.8.3 Plugin - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Live Chat Unlimited v2.8.3 Stored XSS Injection Google Dork: inurl:"wp-content/plugins/screets-lcx" Date: 2019/06/25 Exploit Author: m0ze Vendor Homepage: https://screets.com/ Software Link:...

7.1AI score
Exploits0
wpexploit
wpexploit
added 2019/06/25 12:0 a.m.26 views

iLive <= 1.0.4 - Stored Cross-Site Scripting (XSS)

Info: Weak security measures like bad textarea data filtering has been discovered in the 'iLive - Intelligent WordPress Live Chat Support Plugin'. Current version of this premium WordPress plugin is 1.0.4. Demo Website: https://codecanyon.net/item/ilive-wordpress-live-chat-support-plugin/20496563...

7.2AI score
Exploits0References2
wpexploit
wpexploit
added 2019/06/11 12:0 a.m.46 views

Support Board - Chat And Help Desk | Support & Chat <= 1.2.8 Stored XSS

Info: Weak security measures like bad textarea data filtering has been discovered in the «Support Board - Chat And Help Desk | Support & Chat». Demo Website: https://codecanyon.net/item/support-board-chat-and-help-desk/20752085 Backend: https://board.support/desk-demo/?login=true Login / Password...

7.3AI score
Exploits0References1
Rows per page
Query Builder