Lucene search
K

5119 matches found

CVE
CVE
added 2022/07/29 9:5 p.m.63 views

CVE-2022-2324

SonicWall Hosted Email Security (HES) is affected. Versions prior to 10.0.17.7319 contain an improperly implemented security check in the Capture ATP feature, enabling bypass of the Capture ATP security service. The issue could be exploited by an unauthenticated attacker to bypass security contro...

7.5CVSS7.5AI score0.00533EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/07/29 9:5 p.m.20 views

CVE-2022-2324

Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. This vulnerability impacts 10.0.17.7319 and earlier versions...

7.7AI score0.00533EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/07/29 12:0 a.m.5 views

PT-2022-15915 · Sonicwall · Sonicwall Hosted Email Security

Name of the Vulnerable Software and Affected Versions: SonicWall Hosted Email Security versions prior to 10.0.17.7319 Description: The issue is related to an improperly implemented security check in the SonicWall Hosted Email Security, which allows for the bypass of the Capture ATP security servi...

7.5CVSS7AI score0.00533EPSS
Exploits0References3
OSV
OSV
added 2022/07/28 3:15 p.m.3 views

CVE-2021-22640

An attacker can decrypt the Ovarro TBox login password by communication capture and brute force attacks...

9.8CVSS5.8AI score0.00657EPSS
Exploits0References1
NVD
NVD
added 2022/07/28 3:15 p.m.15 views

CVE-2021-22640

An attacker can decrypt the Ovarro TBox login password by communication capture and brute force attacks...

9.8CVSS0.00657EPSS
Exploits0References1
Prion
Prion
added 2022/07/28 3:15 p.m.18 views

Information disclosure

An attacker can decrypt the Ovarro TBox login password by communication capture and brute force attacks...

7.5CVSS9.6AI score0.00657EPSS
Exploits0References1Affected Software8
Cvelist
Cvelist
added 2022/07/28 2:18 p.m.23 views

CVE-2021-22640 Ovarro TBox Insufficiently Protected Credentials

An attacker can decrypt the Ovarro TBox login password by communication capture and brute force attacks...

7.5CVSS9.8AI score0.00657EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/07/28 2:18 p.m.6 views

CVE-2021-22640 Ovarro TBox Insufficiently Protected Credentials

An attacker can decrypt the Ovarro TBox login password by communication capture and brute force attacks...

7.5CVSS9.6AI score0.00657EPSS
Exploits0References1
CVE
CVE
added 2022/07/28 2:18 p.m.80 views

CVE-2021-22640

CVE-2021-22640 affects Ovarro TBox RTUs (LT2, MS-CPU32, MS-CPU32-S2, RM2, TG2) and pre-12.4/TWinSoft firmware ≤ 1.46. It discloses credentials: login passwords can be decrypted via network traffic capture and brute force attempts. ICS Advisory ICSA-21-054-04 confirms remote/exploit potential and ...

9.8CVSS8.8AI score0.00657EPSS
Exploits0References1Affected Software1
Github Security Blog
Github Security Blog
added 2022/07/28 12:0 a.m.32 views

Missing permission check in Coverity Plugin allows capturing credentials

Coverity Plugin 1.11.4 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.1CVSS7.6AI score0.00705EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/07/28 12:0 a.m.20 views

GHSA-99MQ-HW5M-GWJJ Missing permission check in Coverity Plugin allows capturing credentials

Coverity Plugin 1.11.4 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

7.1CVSS7.9AI score0.00705EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/07/27 3:15 p.m.3 views

CVE-2022-36920

A cross-site request forgery CSRF vulnerability in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS5.6AI score0.00489EPSS
Exploits0References4
OSV
OSV
added 2022/07/27 3:15 p.m.15 views

CVE-2022-36920

A cross-site request forgery CSRF vulnerability in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS8.7AI score
Exploits0References2
Cvelist
Cvelist
added 2022/07/27 2:29 p.m.18 views

CVE-2022-36921

A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.2AI score0.00705EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/07/27 12:0 a.m.4 views

PT-2022-4022 · Jenkins · Jenkins Coverity Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Coverity Plugin versions 1.11.4 and earlier Description: The issue is related to a missing permission check in the Jenkins Coverity Plugin, which can be exploited by attackers with Overall/Read permission to connect to an...

8.1CVSS7.7AI score0.00705EPSS
Exploits0References9
GithubExploit
GithubExploit
added 2022/07/25 9:32 a.m.4 views

ab4yss-wr4iteups

ab4yss-wr4iteups Hi,...

7.3AI score
Exploits0
CNNVD
CNNVD
added 2022/07/20 12:0 a.m.3 views

Apple macOS Monterey 缓冲区错误漏洞

Apple macOS Monterey is the 18th major release of Apple's macOS for the Macintosh desktop operating system. Apple macOS Monterey suffers from a buffer error vulnerability that stems from an application's ability to capture a user's screen...

5.9CVSS7AI score0.01288EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/07/20 12:0 a.m.3 views

Apple macOS Monterey 和 Big Sur 权限许可和访问控制问题漏洞

Apple macOS Big Sur and Apple macOS Monterey are products of Apple Inc. Apple macOS Big Sur is the 17th major release of Apple's macOS operating system for the MAC. apple macOS Monterey is the 18th major release of Apple's macOS desktop operating system for the MAC. Apple macOS Monterey is the 18...

5.5CVSS6.5AI score0.00562EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2022/07/20 12:0 a.m.1 views

PT-2022-21520 · Apple · Macos Monterey +2

Name of the Vulnerable Software and Affected Versions: macOS Big Sur versions prior to 11.6.8 macOS Monterey versions prior to 12.5 Description: A logic issue was addressed with improved checks, which may have allowed an app to capture a user's screen. Recommendations: For macOS Big Sur versions...

5.5CVSS5.2AI score0.00562EPSS
Exploits0References7
Kitploit
Kitploit
added 2022/07/18 12:30 p.m.44 views

Koh - The Token Stealer

Koh is a C and Beacon Object File BOF toolset that allows for the capture of user credential material via purposeful token/logon session leakage. Some code was inspired by Elad Shamir's Internal-Monologue project no license, as well as KB180548. For why this is possible and Koh's approeach, see t...

7AI score
Exploits0References10
Rows per page
Query Builder