Lucene search

5127 matches found

Citrix
added 2024/07/13 12:00 a.m. | 8 views

How to Prepare Provisioning Services 7.x Master Target Device to be Captured on a vDisk

This article provides the recommended procedure for preparing Provisioning Services 7.x Master Target Device to be captured on a vDisk...

7 AI score
Exploits: 0
Citrix
added 2024/07/13 12:00 a.m. | 9 views

How to Enable Promiscuous Mode on a Physical Network Card

This article describes how to enable promiscuous mode on a physical Network Interface Card (NIC). In a network, promiscuous mode allows a network device to intercept and read each network packet that arrives in its entirety. This mode of operation is sometimes given to a network snoop server that...

6.7 AI score
Exploits: 0
BDU FSTEC
added 2024/07/11 12:00 a.m. | 4 views

The vulnerability of the RADIUS authentication protocol lies in the ability to bypass the authentication process by using capture-replay techniques to manipulate intercepted messages. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access by manipulating the authentication response.

The vulnerability of the RADIUS authentication protocol lies in the ability to bypass the authentication process by using capture-replay techniques to manipulate intercepted messages. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access by...

7.5 CVSS | 7.8 AI score | 0.14859 EPSS
Exploits: 2 | References: 20 | Affected Software: 14
The Hacker News
added 2024/07/10 5:35 a.m. | 19 views

ViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy Attacks

The sophisticated malware known as ViperSoftX has been observed being distributed as eBooks over torrents. "A notable aspect of the current variant of ViperSoftX is that it uses the Common Language Runtime (CLR) to dynamically load and run PowerShell commands, thereby creating a PowerShell...

7.6 AI score
Exploits: 0
OSV
added 2024/07/10 12:00 a.m. | 2 views

UBUNTU-CVE-2024-6610

Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox 128 and Thunderbird 128...

6.3 CVSS | 7.2 AI score | 0.00342 EPSS
Exploits: 0 | References: 6
Veracode
added 2024/07/09 6:56 p.m. | 10 views

Cross-site Scripting (XSS)

Typo3/Neos is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper handling of user input, allowing attackers to tamper with page rendering, redirect victims, capture credentials, and potentially upload backdoors...

6.7 AI score
Exploits: 0
NVD
added 2024/06/27 7:15 p.m. | 32 views

CVE-2024-5885

stangirard/quivr version 0.0.236 contains a Server-Side Request Forgery (SSRF) vulnerability. The application does not provide sufficient controls when crawling a website, allowing an attacker to access applications on the local network. This vulnerability could allow a malicious user to gain acces...

8.6 CVSS | 0.00554 EPSS
Exploits: 1 | References: 1
CVE
added 2024/06/20 10:09 p.m. | 51 views

CVE-2024-37183

Westermo L210-F2G Lynx (CVE-2024-37183) is affected. The vulnerability allows capture of plain text credentials and session IDs over the network due to cleartext transmission. CVSS v3.1 base score 7.5 indicates high severity with Network attack vector and low access complexity; confidentiality im...

7.5 CVSS | 6 AI score | 0.00246 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
OSV
added 2024/06/14 8:15 a.m. | 1 views

CVE-2024-36499

Vulnerability of unauthorized screenshot capturing in the WMS module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

5.5 CVSS | 5.8 AI score | 0.00106 EPSS
Exploits: 0 | References: 1
NVD
added 2024/06/14 8:15 a.m. | 34 views

CVE-2024-36499

Vulnerability of unauthorized screenshot capturing in the WMS module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

6.8 CVSS | 0.00106 EPSS
Exploits: 0 | References: 1
Vulnrichment
added 2024/06/13 5:22 p.m. | 16 views

CVE-2024-38284 Authentication Bypass by Capture-replay in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)

Transmitted data is logged between the device and the backend service. An attacker could use these logs to perform a replay attack to replicate calls...

8.7 CVSS | 6.8 AI score | 0.00342 EPSS
Exploits: 0 | References: 1
Cvelist
added 2024/06/13 5:22 p.m. | 21 views

CVE-2024-38284 Authentication Bypass by Capture-replay in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)

Transmitted data is logged between the device and the backend service. An attacker could use these logs to perform a replay attack to replicate calls...

8.7 CVSS | 0.00342 EPSS
Exploits: 0 | References: 1
CNNVD
added 2024/06/10 12:00 a.m. | 2 views

Apple iOS and iPadOS Security Vulnerabilities

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS version 17.5 and iPadOS version 17.5, which originates from a...

6.5 CVSS | 6.4 AI score | 0.0065 EPSS
Exploits: 0 | References: 9
CNNVD
added 2024/06/10 12:00 a.m. | 4 views

Apple iOS and iPadOS Security Vulnerabilities

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS version 17.5 and iPadOS version 17.5, which originates from a...

6.5 CVSS | 6.4 AI score | 0.00655 EPSS
Exploits: 0 | References: 7
Cvelist
added 2024/06/05 5:19 p.m. | 31 views

CVE-2024-4009 Replay Attack in KNX Secure Devices

Replay Attack in ABB, Busch-Jaeger, FTS Display version 1.00 and BCU version 1.3.0.33 allows attacker to capture/replay KNX telegram to local KNX Bus-System...

9.2 CVSS | 9 AI score | 0.00142 EPSS
Exploits: 0 | References: 1
Vulnrichment
added 2024/06/05 5:19 p.m. | 20 views

CVE-2024-4009 Replay Attack in KNX Secure Devices

Replay Attack in ABB, Busch-Jaeger, FTS Display version 1.00 and BCU version 1.3.0.33 allows attacker to capture/replay KNX telegram to local KNX Bus-System...

9.2 CVSS | 6.7 AI score | 0.00142 EPSS
Exploits: 0 | References: 1
OpenVAS
added 2024/06/04 12:00 a.m. | 19 views

Mageia: Security Advisory (MGASA-2024-0206)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 6.2 AI score | 0.00818 EPSS
Exploits: 2 | References: 4
OSV
added 2024/06/03 6:30 p.m. | 9 views

MGASA-2024-0206 Updated wireshark packages fix security vulnerabilities

Memory handling issue in editcap could cause denial of service via crafted capture file. (CVE-2024-4853) MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file. CVE-2024-485...

7.5 CVSS | 7 AI score | 0.00818 EPSS
Exploits: 2 | References: 3
SUSE CVE
added 2024/05/28 3:29 p.m. | 2 views

SUSE CVE-2021-47535

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate enough space for GMU registers. In commit 142639a52a01 ("drm/msm/a6xx: fix crashstate capture for A650") we changed a6xx_get_gmu_registers() to read 3 sets of registers. Unfortunately, we didn't change the memory...

6.1 CVSS | 6.2 AI score | 0.00234 EPSS
Exploits: 0 | References: 10
RedhatCVE
added 2024/05/27 10:32 a.m. | 19 views

CVE-2021-47535

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate enough space for GMU registers. In commit 142639a52a01 ("drm/msm/a6xx: fix crashstate capture for A650") we changed a6xx_get_gmu_registers() to read 3 sets of registers. Unfortunately, we didn't change the memory...

5.1 CVSS | 8.8 AI score | 0.00234 EPSS
Exploits: 0 | References: 4