Lucene search
K

168 matches found

NVD
NVD
added 2022/05/11 6:15 p.m.20 views

CVE-2022-29847

In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host...

7.5CVSS0.55861EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/05/11 5:56 p.m.25 views

CVE-2022-29847

In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host...

7.8AI score0.55861EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/03/11 12:0 a.m.10 views

The vulnerability of the PTC Axeda platform for creating and deploying corporate-level applications lies in its ability to send XML messages, allowing a hacker to gain full control over the operating system.

The vulnerability of the PTC Axeda platform for creating and deploying corporate-level applications is related to the use of strictly encrypted login credentials during the installation of UltraVNC. Exploiting this vulnerability can allow a malicious actor to gain full control over the operating...

10CVSS5.5AI score0.01737EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/03/11 12:0 a.m.21 views

The vulnerability of the PTC Axeda platform for creating and deploying corporate-level applications lies in its ability to send XML messages, allowing a hacker to gain full control over the operating system.

The vulnerability of the PTC Axeda platform for creating and deploying corporate-level applications is related to the use of strictly encrypted login credentials during the installation of UltraVNC. Exploiting this vulnerability can allow a malicious actor to gain full control over the operating...

10CVSS5.5AI score0.03897EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2021/12/20 9:15 p.m.2 views

CVE-2021-42138

A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to access the encrypted credentials of any or all the users on that machine...

7.2CVSS6.6AI score0.00581EPSS
Exploits0References4
NVD
NVD
added 2021/12/20 9:15 p.m.18 views

CVE-2021-42138

A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to access the encrypted credentials of any or all the users on that machine...

7.2CVSS0.00581EPSS
Exploits0References3
OSV
OSV
added 2021/12/20 9:15 p.m.2 views

CVE-2021-42138

A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to access the encrypted credentials of any or all the users on that machine...

6.5CVSS6.6AI score0.00581EPSS
Exploits0References3
Prion
Prion
added 2021/12/20 9:15 p.m.11 views

Code injection

A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to access the encrypted credentials of any or all the users on that machine...

3.5CVSS6.5AI score0.00581EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/12/20 8:19 p.m.22 views

CVE-2021-42138

A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to access the encrypted credentials of any or all the users on that machine...

7.2CVSS7.2AI score0.00581EPSS
Exploits0References3
CVE
CVE
added 2021/12/20 8:19 p.m.47 views

CVE-2021-42138

CVE-2021-42138 : The vulnerability affects SafeNet Agent for Windows Logon and allows a user on a protected machine to leverage weak entropy to access the encrypted credentials of any or all other users on that machine. The available documents do not provide exploit code, specific affected versio...

7.2CVSS6.4AI score0.00581EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2021/12/20 12:0 a.m.4 views

SafeNet Agent for Windows 安全特征问题漏洞

SafeNet Agent for Windows is the SafeNet Authentication Service Agent for Windows Logon WLA 2.3.0. A security vulnerability exists in SafeNet Agent for Windows, which arises from a user of a machine protected by SafeNet Agent for Windows Logon who can leverage weak entropy to access the encrypted...

7.2CVSS6.5AI score0.00581EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/09/01 12:0 a.m.4 views

The vulnerability of microprogrammed software in industrial modems of the OnCell G3470A-LTE Series, WDR-3124A Series, microprogrammed software in Wi-Fi routers of the TAP-323 Series, WAC-1001 Series, and WAC-2004 Series lies in the use of rigidly encrypted account data, which allows attackers to escalate their privileges.

The vulnerability of microprogrammed software in industrial modems of the OnCell G3470A-LTE Series, WDR-3124A Series, microprogrammed software in Wi-Fi routers of the TAP-323 Series, WAC-1001 Series, and WAC-2004 Series is related to the use of rigidly encrypted login credentials. Exploiting this...

10CVSS7.8AI score0.0233EPSS
Exploits1References3Affected Software5
NVD
NVD
added 2021/07/21 3:15 p.m.21 views

CVE-2021-22728

A CWE-200: Information Exposure vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could cause disclosure of encrypte...

6.5CVSS0.01072EPSS
Exploits0References1
OSV
OSV
added 2021/07/21 3:15 p.m.5 views

CVE-2021-22728

A CWE-200: Information Exposure vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could cause disclosure of encrypte...

6.5CVSS5.8AI score0.01072EPSS
Exploits0References1
Prion
Prion
added 2021/07/21 3:15 p.m.22 views

Information disclosure

A CWE-200: Information Exposure vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could cause disclosure of encrypte...

4CVSS6.3AI score0.01072EPSS
Exploits0References1Affected Software6
Cvelist
Cvelist
added 2021/07/21 10:43 a.m.26 views

CVE-2021-22728

A CWE-200: Information Exposure vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could cause disclosure of encrypte...

6.5AI score0.01072EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/04/22 8:42 p.m.32 views

CVE-2021-27392

A vulnerability has been identified in Siveillance Video Open Network Bridge 2020 R3, Siveillance Video Open Network Bridge 2020 R2, Siveillance Video Open Network Bridge 2020 R1, Siveillance Video Open Network Bridge 2019 R3, Siveillance Video Open Network Bridge 2019 R2, Siveillance Video Open...

8.8AI score0.01183EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2021/03/09 5:3 p.m.35 views

CVE-2021-3425

A flaw was found in the AMQ Broker that discloses JDBC encrypted usernames and passwords when provided in the AMQ Broker application logfile when using the jdbc persistence functionality. Versions shipped in Red Hat AMQ 7 are vulnerable...

4.4CVSS1.2AI score0.00286EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/02/16 12:0 a.m.6 views

The vulnerability of microprogrammed software in server boards, server systems, and Intel computing modules, which stems from the use of rigidly encrypted credentials, allows attackers to gain unauthorized access to protected information.

The vulnerability of microprogrammed software in server boards, server systems, and Intel computing modules is related to the use of rigidly encrypted credentials. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

3.8CVSS5.9AI score0.00236EPSS
Exploits0References2Affected Software6
CNNVD
CNNVD
added 2020/11/17 12:0 a.m.7 views

Aviatrix Systems Controller 安全漏洞

Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. A security vulnerability exists in Aviatrix Controller versions prior to R5.3.1151. The vulnerability stems from a weak key in an encrypted file containing credentials. No...

7.5CVSS7.2AI score0.01461EPSS
Exploits1References2
Rows per page
Query Builder