Lucene search
+L

54 matches found

cve
cve
added 2023/01/19 11:27 a.m.69 views

CVE-2022-3738

CVE-2022-3738 concerns WAGO products (Missing authentication for config export). A remote unauthenticated attacker can download a backup file that may contain credentials and cryptographic material, provided a backup exists (created after last reboot). The connected sources identify the vulnerabi...

5.9CVSS5.6AI score0.00625EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2023/01/19 11:27 a.m.26 views

CVE-2022-3738 WAGO: Missing authentication for config export functionality in multiple products

The vulnerability allows a remote unauthenticated attacker to download a backup file, if one exists. That backup file might contain sensitive information like credentials and cryptographic material. A valid user has to create a backup after the last reboot for this attack to be successfull...

5.9CVSS5.9AI score0.00625EPSS
Exploits0References1
osv
osv
added 2022/04/14 9:15 p.m.5 views

CVE-2020-25156

Active debug code in the B. Braun Melsungen AG SpaceCom Version L8/U61, and the Data module compactplus Versions A10 and A11 and earlier enables attackers in possession of cryptographic material to access the device as root...

7.2CVSS5.8AI score0.0114EPSS
Exploits0References2
nvd
nvd
added 2022/04/14 9:15 p.m.27 views

CVE-2020-25156

Active debug code in the B. Braun Melsungen AG SpaceCom Version L8/U61, and the Data module compactplus Versions A10 and A11 and earlier enables attackers in possession of cryptographic material to access the device as root...

9CVSS0.0114EPSS
Exploits0References2
prion
prion
added 2022/04/14 9:15 p.m.25 views

Code injection

Active debug code in the B. Braun Melsungen AG SpaceCom Version L8/U61, and the Data module compactplus Versions A10 and A11 and earlier enables attackers in possession of cryptographic material to access the device as root...

9CVSS7.3AI score0.0114EPSS
Exploits0References2Affected Software2
cvelist
cvelist
added 2022/04/14 8:5 p.m.39 views

CVE-2020-25156 B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus

Active debug code in the B. Braun Melsungen AG SpaceCom Version L8/U61, and the Data module compactplus Versions A10 and A11 and earlier enables attackers in possession of cryptographic material to access the device as root...

7.2CVSS7AI score0.0114EPSS
Exploits0References2
cve
cve
added 2022/04/14 8:5 p.m.71 views

CVE-2020-25156

CVE-2020-25156 concerns active debug code in B. Braun SpaceCom (versions L8/U61 and earlier) and Data module compactplus (A10/A11 and earlier) enabling possession of cryptographic material to gain root access. Connected sources confirm affected products and versions, with remediation updates rele...

9CVSS7.2AI score0.0114EPSS
Exploits0References2Affected Software1
cnnvd
cnnvd
added 2021/07/28 12:0 a.m.4 views

SUSE Rancher K3s 安全漏洞

SUSE Rancher K3s is a CNCF sandboxing project from SUSE Germany that provides a lightweight but powerful certified Kubernetes distribution. A security vulnerability exists in SUSE Rancher K3s that allows any user with direct access to a datastore, or a copy of a datastore backup, to extract the...

6.5CVSS6.5AI score0.00304EPSS
Exploits0References1
nessus
nessus
added 2016/12/05 12:0 a.m.47 views

FreeBSD : xen-kernel -- CR0.TS and CR0.EM not always honored for x86 HVM guests (4d7cf654-ba4d-11e6-ae1b-002590263bf5)

The Xen Project reports : Instructions touching FPU, MMX, or XMM registers are required to raise a Device Not Available Exception NM when either CR0.EM or CR0.TS are set. Their AVX or AVX-512 extensions would consider only CR0.TS. While during normal operation this is ensured by the hardware, if ...

6.3CVSS7.2AI score0.00303EPSS
Exploits0References4
xen
xen
added 2016/10/04 12:0 p.m.45 views

CR0.TS and CR0.EM not always honored for x86 HVM guests

ISSUE DESCRIPTION Instructions touching FPU, MMX, or XMM registers are required to raise a Device Not Available Exception NM when either CR0.EM or CR0.TS are set. Their AVX or AVX-512 extensions would consider only CR0.TS. While during normal operation this is ensured by the hardware, if a guest...

6.3CVSS0.8AI score0.00303EPSS
Exploits0
threatpost
threatpost
added 2011/03/21 3:13 p.m.9 views

Back-End Software May Be Real Worry in RSA Attack

The attack on RSA that the company revealed last week raises a multitude of questions about the security of the company’s network and its own internal procedures. But the most important issues the RSA attack brings to the surface concern exactly what the attackers may have been after and what the...

1AI score
Exploits0References3
osv
osv
added 2008/05/13 12:0 a.m.56 views

DSA-1571-1 openssl - predictable random number generator

Bulletin has no description...

9.3CVSS6.9AI score0.70721EPSS
Exploits10
securityvulns
securityvulns
added 2008/03/26 12:0 a.m.38 views

CORE-2007-1212: SILC pkcs_decode buffer overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ SILC pkcsdecode buffer overflow Advisory Information Title: SILC pkcsdecode buffer overflow Advisory ID: CORE-2007-1212 Advisory URL:...

Exploits0
freebsd
freebsd
added 2008/03/25 12:0 a.m.13 views

silc -- pkcs_decode buffer overflow

Core Security Technologies reports: A remote buffer overflow vulnerability found in a library used by both the SILC server and client to process packets containing cryptographic material may allow an un-authenticated client to executearbitrary code on the server with the privileges of the user...

4.9AI score
Exploits0References1
Rows per page
Query Builder