Lucene search
K

34 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.3 views

AlmaLinux 10 : shadow-utils (ALSA-2025:20145)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:20145 advisory. shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise CVE-2024-56433 Tenable has extracted the preceding description blo...

3.6CVSS6AI score0.004EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 6:57 a.m.13 views

CVE-2024-20145

In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09290940;...

6.6CVSS6.8AI score0.0011EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:18 p.m.5 views

CVE-2022-20145

In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack. This could lead to remote escalation of privilege if a malicious Wi-Fi AP is used, with no additional execution privileges needed. User interaction is not needed for...

10CVSS7.4AI score0.06409EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:6 p.m.7 views

CVE-2021-20145

Gryphon Tower routers contain an unprotected openvpn configuration file which can grant attackers access to the Gryphon homebound VPN network which exposes the LAN interfaces of other users' devices connected to the same service. An attacker could leverage this to make configuration changes to, o...

7.5CVSS6.9AI score0.01242EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:21 a.m.7 views

CVE-2019-20145

An issue was discovered in GitLab Community Edition CE and Enterprise Edition EE 11.4 through 12.6.1. It has Incorrect Access Control...

4.3CVSS6.6AI score0.00687EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/14 10:23 p.m.15 views

CVE-2025-20145

A vulnerability in the access control list ACL processing in the egress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability exists because certain packets are handled incorrectly when they are received on an ingress...

5.8CVSS6.8AI score0.00376EPSS
Exploits0References1
NVD
NVD
added 2025/03/12 4:15 p.m.13 views

CVE-2025-20145

A vulnerability in the access control list ACL processing in the egress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability exists because certain packets are handled incorrectly when they are received on an ingress...

5.8CVSS0.00376EPSS
Exploits0References2
CVE
CVE
added 2025/03/12 4:12 p.m.84 views

CVE-2025-20145

Cisco IOS XR Software contains an ACL processing issue in the egress direction that can allow an unauthenticated, remote attacker to bypass a configured egress ACL. The root cause involves certain packets being mishandled when received on an ingress interface on one line card and destined to an e...

5.8CVSS7.1AI score0.00376EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2025/01/06 4:15 a.m.32 views

CVE-2024-20145

In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09290940;...

6.6CVSS0.0011EPSS
Exploits0References1
OSV
OSV
added 2025/01/06 4:15 a.m.9 views

CVE-2024-20145

In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09290940;...

6.6CVSS6.8AI score0.0011EPSS
Exploits0References1
Circl
Circl
added 2025/01/06 3:47 a.m.15 views

CVE-2024-20145

creationtimestamp| type| source ---|---|--- 2025-01-06 03:47:54+00:00| seen| https://infosec.exchange/users/cve/statuses/113779361337807155 2025-01-06 04:15:33+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf2bkmggs72e 2025-01-06 04:42:50+00:00| seen|...

6.6CVSS4.8AI score0.0011EPSS
Exploits0References7
CVE
CVE
added 2025/01/06 3:17 a.m.115 views

CVE-2024-20145

CVE-2024-20145 affects MediaTek V6 DA, where a missing bounds check can lead to an out-of-bounds write. The issue enables local escalation of privilege with physical access and user interaction required for exploitation. Patch ALPS09290940 addresses the flaw (MSV-2040).

6.6CVSS7.1AI score0.0011EPSS
Exploits0References1Affected Software4
Vulnrichment
Vulnrichment
added 2025/01/06 3:17 a.m.9 views

CVE-2024-20145

In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09290940;...

6.6AI score0.0011EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/06 3:17 a.m.30 views

CVE-2024-20145

In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09290940;...

0.0011EPSS
Exploits0References1
Circl
Circl
added 2023/08/22 10:24 p.m.6 views

CVE-2020-20145

creationtimestamp| type| source ---|---|--- 2023-08-22 22:24:57+00:00| seen| https://t.me/cibsecurity/68997...

4.8AI score
Exploits0References1
NVD
NVD
added 2023/08/22 7:16 p.m.28 views

CVE-2020-20145

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-14834. Reason: This candidate is a reservation duplicate of CVE-2019-14834. Notes: All CVE users should reference CVE-2019-14834 instead of this candidate. All references and descriptions in this candidate have been removed t...

4.4AI score0.02664EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2023/08/22 7:16 p.m.367 views

CVE-2020-20145

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-14834. Reason: This candidate is a reservation duplicate of CVE-2019-14834. Notes: All CVE users should reference CVE-2019-14834 instead of this candidate. All references and descriptions in this candidate have been removed t...

5.8AI score0.02664EPSS
Exploits0References2
Circl
Circl
added 2023/04/05 10:41 p.m.7 views

CVE-2023-20145

creationtimestamp| type| source ---|---|--- 2023-04-05 22:41:15+00:00| seen| https://t.me/cibsecurity/61500...

6.1CVSS6.1AI score0.00433EPSS
Exploits0References1
Circl
Circl
added 2022/07/25 12:32 p.m.7 views

CVE-2017-20145

creationtimestamp| type| source ---|---|--- 2022-07-25 12:32:50+00:00| seen| https://t.me/cibsecurity/46881...

9.8CVSS8.7AI score0.00852EPSS
Exploits1References1
CVE
CVE
added 2022/07/25 4:45 a.m.46 views

CVE-2017-20145

CVE-2017-20145 affects Tecrail Responsive Filemanger up to version 9.10.x. The root cause is a path traversal vulnerability that enables remote access to files. Several connected sources corroborate a critical impact and indicate upgrading to version 9.11.0 as the fix. In at least one reference, ...

9.8CVSS8.1AI score0.00852EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder