Search Results | AttackerKB

Show filters

Topics 3 Users 9,708

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

3 Total Results

Displaying 1-3 of 3

Attacker Value

Unknown

CVE-2020-8228

Disclosure Date: October 05, 2020 (last updated February 22, 2025)

A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2020-8181

Disclosure Date: July 10, 2020 (last updated February 21, 2025)

A missing file type check in Nextcloud Contacts 3.2.0 allowed a malicious user to upload any file as avatars.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-15608

Disclosure Date: March 15, 2020 (last updated February 21, 2025)

The package integrity validation in yarn < 1.19.0 contains a TOCTOU vulnerability where the hash is computed before writing a package to cache. It's not computed again when reading from the cache. This may lead to a cache pollution attack.

Attack Vector: Network Privileges: None User Interaction: None

0