CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

RedhatCVE•added 2026/01/09 9:13 a.m.•6 views

CVE-2022-31066

EdgeX Foundry is an open source project for building a common open framework for Internet of Things edge computing. Prior to version 2.1.1, the /api/v2/config endpoint exposes message bus credentials to local unauthenticated users. In security-enabled mode, message bus credentials are supposed to...

5.9CVSS6.7AI score0.00161EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-19524

Malware in sbrugna...

8.3CVSS6.5AI score0.00309EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-6047

Malicious code in bioql PyPI...

5.9CVSS5.2AI score0.00161EPSS

Exploits0References5

RedhatCVE•added 2025/05/22 9:18 p.m.•7 views

CVE-2021-32753

EdgeX Foundry is an open source project for building a common open framework for internet-of-things edge computing. A vulnerability exists in the Edinburgh, Fuji, Geneva, and Hanoi versions of the software. When the EdgeX API gateway is configured for OAuth2 authentication and a proxy user is...

8.3CVSS7.1AI score0.00309EPSS

Exploits0References1

NVD•added 2022/06/14 10:15 p.m.•10 views

CVE-2022-31066

5.9CVSS0.00161EPSS

Exploits0References3

Prion•added 2022/06/14 10:15 p.m.•10 views

Authentication flaw

3.6CVSS4.7AI score0.00161EPSS

Exploits0References3Affected Software1

CVE•added 2022/06/14 9:55 p.m.•448 views

CVE-2022-31066

CVE-2022-31066 affects EdgeXFoundry up to version 2.1.1, where the /api/v2/config endpoint exposes message bus credentials to local unauthenticated users. In security-enabled mode, credentials should be stored in the secret store, but access controls are bypassed, allowing interception or injecti...

5.9CVSS4.8AI score0.00161EPSS

Exploits0References3Affected Software1

OSV•added 2022/06/14 9:55 p.m.•11 views

CVE-2022-31066 Configuration API in EdgeXFoundry exposes message bus credentials to local unauthenticated users

5.9CVSS5AI score0.00161EPSS

Exploits0References5

Vulnrichment•added 2022/06/14 9:55 p.m.•6 views

CVE-2022-31066 Configuration API in EdgeXFoundry exposes message bus credentials to local unauthenticated users

5.9CVSS5.7AI score0.00161EPSS

Exploits0References3

CNNVD•added 2022/06/14 12:0 a.m.•1 views

EdgeX Foundry 信息泄露漏洞

EdgeX Foundry is an open source project to build a common open framework for IoT edge computing. An information disclosure vulnerability exists in EdgeX Foundry versions prior to 2.1.1, which stems from the /api/v2/config endpoint exposing message bus credentials to a local, unauthenticated user...

5.9CVSS5.5AI score0.00161EPSS

Exploits0References4

Github Security Blog•added 2021/11/19 8:55 p.m.•24 views

Broken encryption in EdgeX Foundry

Summary Broken encryption in app-functions-sdk “AES” transform in EdgeX Foundry releases prior to Jakarta allows attackers to decrypt messages via unspecified vectors. Detailed Description The app-functions-sdk exports an “aes” transform that user scripts can optionally call to encrypt data in th...

5.7CVSS5.3AI score0.00057EPSS

Exploits0References4Affected Software3

OSV•added 2021/11/19 8:55 p.m.•12 views

GHSA-6C7M-QWXJ-MVHP Broken encryption in EdgeX Foundry

5.4CVSS5.3AI score0.00057EPSS

Exploits0References4

OSV•added 2021/11/19 12:15 a.m.•10 views

CVE-2021-41278

Functions SDK for EdgeX is meant to provide all the plumbing necessary for developers to get started in processing/transforming/exporting data out of the EdgeX IoT platform. In affected versions broken encryption in app-functions-sdk “AES” transform in EdgeX Foundry releases prior to Jakarta allo...

5.7CVSS6.6AI score

Exploits0References2

CNNVD•added 2021/11/19 12:0 a.m.•2 views

EdgeX Foundry 加密问题漏洞

EdgeX Foundry is an open source project to build a common open framework for IoT edge computing. A cryptographic issue vulnerability exists in EdgeX's Functions SDK that allows an attacker to decrypt messages via unspecified vectors...

5.7CVSS5.7AI score0.00057EPSS

Exploits0References3

Cvelist•added 2021/11/18 11:50 p.m.•12 views

CVE-2021-41278 Broken encryption in app-functions-sdk “AES” transform in EdgeX Foundry releases prior to Jakarta allows attackers to decrypt messages via unspecified vectors

5.4CVSS5.6AI score0.00057EPSS

Exploits0References2

NVD•added 2021/07/09 7:15 p.m.•8 views

CVE-2021-32753

8.3CVSS0.00309EPSS

Exploits0References2

OSV•added 2021/07/09 7:15 p.m.•11 views

CVE-2021-32753

6.5CVSS7.1AI score

Exploits0References2

Prion•added 2021/07/09 7:15 p.m.•8 views

Authentication flaw

5.8CVSS6.6AI score0.00309EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/07/09 7:5 p.m.•13 views

CVE-2021-32753 Weak password in API gateway in EdgeX Foundry Edinburgh, Fuji, Geneva, and Hanoi releases allows remote attackers to obtain authentication token via dictionary-based password attack when OAuth2 authentication method is enabled.

8.3CVSS8.5AI score0.00309EPSS

Exploits0References2

CVE•added 2021/07/09 7:5 p.m.•69 views

CVE-2021-32753

EdgeX Foundry’s CVE-2021-32753 affects Edinburgh, Fuji, Geneva, and Hanoi releases. When the EdgeX API gateway is configured for OAuth2 authentication and a proxy user exists, the proxy username is used as both the client_id and client_secret, enabling a remote attacker to perform a dictionary-ba...

8.3CVSS6.9AI score0.00309EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by