
213680 matches found

Prion • added 2024/03/08 2:15 a.m. • 28 views

Code injection

A permissions issue was addressed to help ensure Personas are always protected. This issue is fixed in visionOS 1.1. An unauthenticated user may be able to use an unprotected Persona...

AI score: 7.1 | EPSS: 0.00268
Exploits: 0 | References: 2

Prion • added 2024/03/08 2:15 a.m. • 21 views

Code injection

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent...

AI score: 6.5 | EPSS: 0.00435
Exploits: 0 | References: 6

Prion • added 2024/03/08 2:15 a.m. • 19 views

Cross site request forgery (csrf)

A vulnerability was found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Setting/changepasswordsave of the component Password Reset Handler. The manipulation leads to cross-site...

CVSS: 5 | AI score: 7.1 | EPSS: 0.00331
Exploits: 1 | References: 3

Prion • added 2024/03/08 2:15 a.m. • 20 views

Design/Logic Flaw

The issue was addressed with improved memory handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Processing web content may lead to a denial-of-service...

AI score: 5.9
Exploits: 0 | References: 5

Prion • added 2024/03/08 2:15 a.m. • 25 views

Code injection

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. A malicious app may be able to observe user data in log entries related to accessibility notifications...

AI score: 6.2 | EPSS: 0.00635
Exploits: 0 | References: 7

Prion • added 2024/03/08 2:15 a.m. • 28 views

Design/Logic Flaw

This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 1.1, iOS 17.4 and iPadOS 17.4, iOS 16.7.6 and iPadOS 16.7.6. An app may be able to spoof system notifications and UI...

AI score: 6.4 | EPSS: 0.0048
Exploits: 0 | References: 4

Prion • added 2024/03/08 2:15 a.m. • 16 views

Race condition

A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to access protected user data...

CVSS: 1.2 | AI score: 6.6 | EPSS: 0.00171
Exploits: 0 | References: 6

Prion • added 2024/03/08 2:15 a.m. • 35 views

Code injection

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. Processing web content may lead to arbitrary code execution...

AI score: 7.1 | EPSS: 0.01198
Exploits: 0 | References: 9

Prion • added 2024/03/08 2:15 a.m. • 28 views

Authentication flaw

An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. Photos in the Hidden Photos Album may be viewed without authentication...

AI score: 6.3 | EPSS: 0.00672
Exploits: 0 | References: 3

Prion • added 2024/03/08 2:15 a.m. • 17 views

Design/Logic Flaw

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, tvOS 17.4. An app may be able to execute arbitrary code with kernel privileges...

CVSS: 4.4 | AI score: 7 | EPSS: 0.00277
Exploits: 0 | References: 9

Prion • added 2024/03/08 2:15 a.m. • 12 views

Design/Logic Flaw

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to modify protected parts of the file system...

AI score: 6.6 | EPSS: 0.00249
Exploits: 0 | References: 6

Prion • added 2024/03/08 2:15 a.m. • 24 views

Input validation

A logic issue was addressed with improved validation. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may prevent Content Security Policy from being...

AI score: 6.5 | EPSS: 0.01496
Exploits: 0 | References: 12

Prion • added 2024/03/08 2:15 a.m. • 28 views

Code injection

A logic issue was addressed with improved state management. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may prevent Content Security Policy from bei...

AI score: 6.5 | EPSS: 0.01486
Exploits: 0 | References: 12

Prion • added 2024/03/08 2:15 a.m. • 29 views

Design/Logic Flaw

The issue was addressed with improved UI handling. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, Safari 17.4. A malicious website may exfiltrate audio data cross-origin...

AI score: 6.4 | EPSS: 0.01253
Exploits: 0 | References: 11

Prion • added 2024/03/08 2:15 a.m. • 29 views

Sql injection

An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. A maliciously crafted webpage may be able to fingerprint the user...

AI score: 6.4 | EPSS: 0.01286
Exploits: 0 | References: 9

Prion • added 2024/03/08 2:15 a.m. • 14 views

Race condition

A race condition was addressed with improved state handling. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to leak sensitive user information...

AI score: 5.5 | EPSS: 0.00434
Exploits: 0 | References: 7

Prion • added 2024/03/08 2:15 a.m. • 18 views

Code injection

A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to access user-sensitive data...

AI score: 6.1 | EPSS: 0.00503
Exploits: 0 | References: 7

Prion • added 2024/03/08 2:15 a.m. • 20 views

Code injection

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. An attacker in a privileged network position may be able to inject keystrokes by spoofing a keyboard...

CVSS: 2.6 | AI score: 6 | EPSS: 0.00715
Exploits: 0 | References: 3

Prion • added 2024/03/08 2:15 a.m. • 33 views

Sql injection

A vulnerability classified as critical has been found in boyiddha Automated-Mess-Management-System 1.0. Affected is an unknown function of the file /member/view.php. The manipulation of the argument date leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVSS: 6.5 | AI score: 7.6 | EPSS: 0.00565
Exploits: 0 | References: 3

Prion • added 2024/03/08 2:15 a.m. • 25 views

Design/Logic Flaw

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.4. An app may be able to create symlinks to protected regions of the disk...

AI score: 6.4 | EPSS: 0.00249
Exploits: 0 | References: 2

Prion • added 2024/03/08 2:15 a.m. • 21 views

Information disclosure

Archer Platform 6.x before 6.14 P2 HF2 6.14.0.2.2 contains a sensitive information disclosure vulnerability. An unauthenticated attacker could potentially obtain access to sensitive information via an internal URL...

CVSS: 5 | AI score: 6.6 | EPSS: 0.00499
Exploits: 0 | References: 2

Prion • added 2024/03/08 2:15 a.m. • 30 views

Information disclosure

The issue was addressed with improved checks. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4. A malicious application may be able to access private information...

AI score: 6.2 | EPSS: 0.00283
Exploits: 0 | References: 5

Prion • added 2024/03/08 2:15 a.m. • 21 views

Design/Logic Flaw

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. A user may gain access to protected parts of the file system...

CVSS: 1.7 | AI score: 6.6 | EPSS: 0.00238
Exploits: 0 | References: 6

Prion • added 2024/03/08 2:15 a.m. • 21 views

Code injection

The issue was addressed with improved handling of caches. This issue is fixed in visionOS 1.1, iOS 17.4 and iPadOS 17.4. An app may be able to fingerprint the user...

AI score: 5.8 | EPSS: 0.00237
Exploits: 0 | References: 3

Prion • added 2024/03/08 2:15 a.m. • 17 views

Code injection

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to access user-sensitive data...

AI score: 6.2 | EPSS: 0.00261
Exploits: 0 | References: 7

Prion • added 2024/03/08 2:15 a.m. • 14 views

Sql injection

In the module "CD Custom Fields 4 Orders" cdcustomfields4orders = 1.0.0 from Cleanpresta.com for PrestaShop, a guest can perform SQL injection in affected versions...

AI score: 8.3 | EPSS: 0.00591
Exploits: 0 | References: 2

Prion • added 2024/03/08 2:15 a.m. • 17 views

Code injection

A privacy issue was addressed by not logging contents of text fields. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. An app may be able to view Mail data...

AI score: 6 | EPSS: 0.00215
Exploits: 0 | References: 3

Prion • added 2024/03/08 1:15 a.m. • 17 views

Cross site scripting

A vulnerability has been found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /Venuecontroller/editvenue/ of the component Edit Venue Page. The manipulation of the argument...

CVSS: 3.3 | AI score: 6.5 | EPSS: 0.00488
Exploits: 1 | References: 3

Prion • added 2024/03/08 1:15 a.m. • 16 views

Cross site scripting

A vulnerability, which was classified as problematic, was found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0. Affected is an unknown function of the component OBS Patient/Gynee Prescription. The manipulation of the argument Patient Title/Full Name/Address/Cheif...

CVSS: 3.3 | AI score: 6.5 | EPSS: 0.00454
Exploits: 1 | References: 3

Prion • added 2024/03/08 1:15 a.m. • 16 views

Cross site scripting

A vulnerability, which was classified as problematic, has been found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0. This issue affects some unknown processing of the file /Home/Index of the component Prescription Dashboard. The manipulation of the argument Title leads to...

CVSS: 3.3 | AI score: 6.5 | EPSS: 0.00488
Exploits: 1 | References: 3

Prion • added 2024/03/08 12:15 a.m. • 15 views

Cross site scripting

Cross Site Scripting XSS vulnerability in Justice Systems FullCourt Enterprise v.8.2 allows a remote attacker to execute arbitrary code via the formatCaseNumber parameter of the Citation search function...

AI score: 6.7 | EPSS: 0.00571
Exploits: 1 | References: 1

Prion • added 2024/03/08 12:15 a.m. • 19 views

Design/Logic Flaw

Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to unauthorized remote access. They use the first 6 characters of the SSID and the last 6 characters of the BSSID, decrementing the last octet...

AI score: 7.4 | EPSS: 0.00486
Exploits: 0 | References: 4

Prion • added 2024/03/08 12:15 a.m. • 11 views

Sql injection

A vulnerability classified as critical has been found in keerti1924 Online-Book-Store-Website 1.0. This affects an unknown part of the file /shop.php of the component HTTP POST Request Handler. The manipulation of the argument productname leads to sql injection. It is possible to initiate the...

CVSS: 6.5 | AI score: 7.8 | EPSS: 0.00558
Exploits: 0 | References: 3

Prion • added 2024/03/08 12:15 a.m. • 17 views

Sql injection

A vulnerability classified as critical was found in keerti1924 Online-Book-Store-Website 1.0. This vulnerability affects unknown code of the file /home.php of the component HTTP POST Request Handler. The manipulation of the argument productname leads to sql injection. The attack can be initiated...

CVSS: 6.5 | AI score: 8 | EPSS: 0.00558
Exploits: 0 | References: 3

Prion • added 2024/03/07 11:15 p.m. • 11 views

Sql injection

A vulnerability was found in keerti1924 Online-Book-Store-Website 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /search.php. The manipulation of the argument search leads to sql injection. The attack can be launched remotely. The...

CVSS: 6.5 | AI score: 7.7 | EPSS: 0.00558
Exploits: 0 | References: 3

Prion • added 2024/03/07 11:15 p.m. • 22 views

Design/Logic Flaw

A vulnerability was found in keerti1924 Online-Book-Store-Website 1.0. It has been classified as critical. Affected is an unknown function of the file /productupdate.php?update=1. The manipulation of the argument updateimage leads to unrestricted upload. It is possible to launch the attack...

CVSS: 5.8 | AI score: 7.2 | EPSS: 0.00568
Exploits: 0 | References: 3

Prion • added 2024/03/07 11:15 p.m. • 15 views

Cross site scripting

A vulnerability was found in keerti1924 Online-Book-Store-Website 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /signup.php. The manipulation of the argument name leads to cross site scripting. The attack may be launched remotely. The...

CVSS: 5 | AI score: 6.5 | EPSS: 0.00552
Exploits: 0 | References: 3

Prion • added 2024/03/07 10:15 p.m. • 18 views

Cross site scripting

A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. This vulnerability affects unknown code of the file /login.php of the component Login Page. The manipulation of the argument emailcookie/passwordcookie leads to cross site scripting. The attac...

CVSS: 4 | AI score: 6.7 | EPSS: 0.00472
Exploits: 1 | References: 3

Prion • added 2024/03/07 10:15 p.m. • 21 views

Design/Logic Flaw

A vulnerability, which was classified as problematic, was found in keerti1924 PHP-MYSQL-User-Login-System 1.0. This affects an unknown part of the file login.sql. The manipulation leads to inclusion of sensitive information in source code. It is possible to initiate the attack remotely. The explo...

CVSS: 5 | AI score: 6.8 | EPSS: 0.0083
Exploits: 1 | References: 3

Prion • added 2024/03/07 10:15 p.m. • 27 views

Design/Logic Flaw

A vulnerability was found in keerti1924 Online-Book-Store-Website 1.0 and classified as problematic. This issue affects some unknown processing of the file /shop.php. The manipulation of the argument productprice leads to business logic errors. The attack may be initiated remotely. The exploit ha...

CVSS: 4 | AI score: 7.2 | EPSS: 0.00518
Exploits: 0 | References: 3

Prion • added 2024/03/07 9:15 p.m. • 19 views

Spoofing

Microsoft Edge for Android Spoofing Vulnerability...

CVSS: 4.3 | AI score: 7 | EPSS: 0.00932
Exploits: 0 | References: 1

Prion • added 2024/03/07 9:15 p.m. • 21 views

Code injection

IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to arbitrarily read files after enumerating file names. IBM X-Force ID: 269407...

CVSS: 4 | AI score: 6.3 | EPSS: 0.00452
Exploits: 0 | References: 2

Prion • added 2024/03/07 9:15 p.m. • 36 views

Code injection

FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affe...

CVSS: 4.3 | AI score: 8.9 | EPSS: 0.0024
Exploits: 0 | References: 2

Prion • added 2024/03/07 9:15 p.m. • 15 views

Design/Logic Flaw

An issue in Online Diagnostic Lab Management System 1.0 allows a remote attacker to gain control of a 'Staff' user account via a crafted POST request using the id, email, password, and cpass parameters...

AI score: 7.5 | EPSS: 0.00581
Exploits: 1 | References: 2

Prion • added 2024/03/07 9:15 p.m. • 21 views

Sql injection

A vulnerability, which was classified as critical, has been found in keerti1924 PHP-MYSQL-User-Login-System 1.0. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The...

CVSS: 7.5 | AI score: 7.7 | EPSS: 0.00602
Exploits: 0 | References: 3

Prion • added 2024/03/07 9:15 p.m. • 16 views

Code injection

IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to view sensitive log information after enumerating filenames. IBM X-Force ID: 269408...

CVSS: 4 | AI score: 6 | EPSS: 0.00364
Exploits: 0 | References: 2

Prion • added 2024/03/07 9:15 p.m. • 19 views

Authentication flaw

IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow a remote attacker to bypass authentication restrictions for authorized user. IBM X-Force ID: 269409...

CVSS: 5.1 | AI score: 7 | EPSS: 0.00497
Exploits: 0 | References: 2

Prion • added 2024/03/07 9:15 p.m. • 12 views

Cross site scripting

Cross Site Scripting XSS vulnerability in Setor Informatica SIL 3.1 allows attackers to run arbitrary code via the hmessage parameter...

AI score: 6.4 | EPSS: 0.00443
Exploits: 2 | References: 1

Prion • added 2024/03/07 9:15 p.m. • 18 views

Code injection

IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to arbitrarily delete a file. IBM X-Force ID: 269406...

CVSS: 4 | AI score: 6.4 | EPSS: 0.00506
Exploits: 0 | References: 2

Prion • added 2024/03/07 9:15 p.m. • 21 views

Input validation

The Booster Elite for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wcaddnewproduct function in all versions up to, and including, 7.1.7. This makes it possible for customer-level attackers, and above, to upload arbitrary files...

CVSS: 6.5 | AI score: 8.2 | EPSS: 0.01281
Exploits: 0 | References: 7

Total number of security vulnerabilities: 213680