
5126 matches found

Cvelist
added 2022/07/27 2:29 p.m. · 18 views

CVE-2022-36921

A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.2 AI score · 0.00705 EPSS
Exploits 0 · References 2
Positive Technologies
added 2022/07/27 12:0 a.m. · 4 views

PT-2022-4022 · Jenkins · Jenkins Coverity Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Coverity Plugin versions 1.11.4 and earlier Description: The issue is related to a missing permission check in the Jenkins Coverity Plugin, which can be exploited by attackers with Overall/Read permission to connect to an...

8.1 CVSS · 7.7 AI score · 0.00705 EPSS
Exploits 0 · References 9
GithubExploit
added 2022/07/25 9:32 a.m. · 4 views

ab4yss-wr4iteups

ab4yss-wr4iteups Hi,...

7.3 AI score
Exploits 0
CNNVD
added 2022/07/20 12:0 a.m. · 3 views

Apple macOS Monterey Buffer Error Vulnerability

Apple macOS Monterey is the 18th major release of Apple's macOS for the Macintosh desktop operating system. Apple macOS Monterey suffers from a buffer error vulnerability that stems from an application's ability to capture a user's screen...

5.9 CVSS · 7 AI score · 0.01288 EPSS
Exploits 0 · References 7
CNNVD
added 2022/07/20 12:0 a.m. · 3 views

Apple macOS Monterey and Big Sur Permissions and Access Control Issue Vulnerability

Apple macOS Big Sur and Apple macOS Monterey are products of Apple Inc. Apple macOS Big Sur is the 17th major release of Apple's macOS operating system for the Mac. Apple macOS Monterey is the 18th major release of Apple's macOS desktop operating system for the Mac. Apple macOS Monterey is the 18...

5.5 CVSS · 6.5 AI score · 0.00562 EPSS
Exploits 0 · References 8
Positive Technologies
added 2022/07/20 12:0 a.m. · 2 views

PT-2022-21520 · Apple · Macos Monterey +2

Name of the Vulnerable Software and Affected Versions: macOS Big Sur versions prior to 11.6.8 macOS Monterey versions prior to 12.5 Description: A logic issue was addressed with improved checks, which may have allowed an app to capture a user's screen. Recommendations: For macOS Big Sur versions...

5.5 CVSS · 5.2 AI score · 0.00562 EPSS
Exploits 0 · References 7
Kitploit
added 2022/07/18 12:30 p.m. · 44 views

Koh - The Token Stealer

Koh is a C# and Beacon Object File (BOF) toolset that allows for the capture of user credential material via purposeful token/logon session leakage. Some code was inspired by Elad Shamir's Internal-Monologue project (no license), as well as KB180548. For why this is possible and Koh's approach, see t...

7 AI score
Exploits 0 · References 10
OpenVAS
added 2022/07/18 12:0 a.m. · 13 views

Fedora: Security Advisory for httpdump (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3 CVSS · 8.9 AI score · 0.05994 EPSS
Exploits 4 · References 2
Fedora
added 2022/07/17 1:16 a.m. · 25 views

[SECURITY] Fedora 35 Update: httpdump-0-0.6.20200714gite6fa868.fc35

Capture and parse HTTP traffic...

9.3 CVSS · 0.8 AI score · 0.05994 EPSS
Exploits 4
CNNVD
added 2022/07/15 12:0 a.m. · 4 views

SonicWALL Hosted Email Security Security Feature Issue Vulnerability

SonicWALL Hosted Email Security is an advanced cloud email security service from SonicWALL, Inc. A security feature issue vulnerability exists in SonicWall Hosted Email Security (HES) version 10.0.17.7319 and prior versions that stems from the incorrect implementation of certain security features i...

7.5 CVSS · 7.3 AI score · 0.00533 EPSS
Exploits 0 · References 3
SonicWall
added 2022/07/14 6:43 p.m. · 12 views

SonicWall Hosted Email Security Capture ATP Bypass

Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. CVE: CVE-2022-2324 Last updated: July 14, 2022, 6:43 p.m...

7.2 CVSS · 6.9 AI score · 0.00533 EPSS
Exploits 0
BDU FSTEC
added 2022/07/11 12:0 a.m. · 9 views

The vulnerability lies in the communication functions between the Omron NJ/NX automation controller, the Omron Sysmac Studio automation software, and the programmable terminal Omron NA. This vulnerability allows a perpetrator to gain access to the controller.

The vulnerability of the communication functions between Omron NJ/NX automation controllers, the Omron Sysmac Studio automation software, and the programmable terminal Omron NA lies in the ability to bypass the authentication process by using capture-replay techniques for intercepted parameters...

6.8 CVSS · 7.5 AI score · 0.01769 EPSS
Exploits 0 · References 4 · Affected Software 8
BDU FSTEC
added 2022/07/11 12:0 a.m. · 9 views

The vulnerability of Microprogrammed Software in Omron NJ/NX automation controllers, related to bypassing the authentication process using capture-replay techniques for intercepted parameters, allows an intruder to trigger a service failure or execute arbitrary code.

The vulnerability of Microprogrammed Software in Omron NJ/NX automation controllers lies in the ability to bypass the authentication process by using capture-replay techniques to intercept and replay captured parameters. Exploiting this vulnerability allows a malicious actor to trigger malfunctio...

7.6 CVSS · 7.5 AI score · 0.01146 EPSS
Exploits 0 · References 4 · Affected Software 3
OSV
added 2022/07/05 2:15 p.m. · 17 views

CVE-2021-43116

An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then change the returned package, which lets a malicious user login...

8.8 CVSS · 8.6 AI score
Exploits 0 · References 3
Prion
added 2022/07/05 2:15 p.m. · 13 views

Improper access control

An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then change the returned package, which lets a malicious user login...

6.5 CVSS · 8.5 AI score · 0.0555 EPSS
Exploits 4 · References 3 · Affected Software 1
IBM Security Bulletins
added 2022/07/05 1:50 p.m. · 71 views

Security Bulletin: IBM QRadar Network Packet Capture includes multiple vulnerable components.

Summary: The product includes multiple vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM has addressed the relevant CVEs. Vulnerability Details: CVEID: CVE-2018-25032 DESCRIPTION: Zlib is vulnerable to a denial of service, caused by a...

9.8 CVSS · 2 AI score · 0.70561 EPSS
Exploits 6 · Affected Software 1
NVD
added 2022/07/04 2:15 a.m. · 29 views

CVE-2022-33971

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, and Machine automation controller NJ series all models V 1.48 and earlier, which may allow ...

8.3 CVSS · 0.01146 EPSS
Exploits 0 · References 2
OSV
added 2022/07/04 2:15 a.m. · 4 views

CVE-2022-33971

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, and Machine automation controller NJ series all models V 1.48 and earlier, which may allow ...

7.5 CVSS · 7.2 AI score · 0.01146 EPSS
Exploits 0 · References 2
ATTACKERKB
added 2022/07/04 2:15 a.m. · 2 views

CVE-2022-33208

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software...

8.1 CVSS · 5.8 AI score · 0.01769 EPSS
Exploits 0 · References 3 · Affected Software 1
NVD
added 2022/07/04 2:15 a.m. · 20 views

CVE-2022-33208

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software...

8.1 CVSS · 0.01769 EPSS
Exploits 0 · References 2