Lucene search
+L

174 matches found

prion
prion
added 2020/07/23 4:15 p.m.18 views

Design/Logic Flaw

An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266NONOSSDK devices through 3.0.3, and ESP8266RTOSSDK devices through 3.3. Broadcasting forged beacon frames forces a device to change its authentication mode to OPEN, effectively disabling its 802.11 encrypti...

4.3CVSS6.8AI score0.00469EPSS
Exploits1References4Affected Software3
cvelist
cvelist
added 2020/07/23 3:41 p.m.26 views

CVE-2020-12638

An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266NONOSSDK devices through 3.0.3, and ESP8266RTOSSDK devices through 3.3. Broadcasting forged beacon frames forces a device to change its authentication mode to OPEN, effectively disabling its 802.11 encrypti...

6.8AI score0.00469EPSS
Exploits1References4
cve
cve
added 2020/07/23 3:41 p.m.56 views

CVE-2020-12638

The CVE affects Espressif IoT SDKs: ESP-IDF up to 4.2, ESP8266_NONOS_SDK up to 3.0.3, and ESP8266_RTOS_SDK up to 3.3. A forged-beacon-frame exploit forces a device to switch its authentication mode to OPEN, effectively disabling 802.11 encryption. The underlying issue is an encryption bypass trig...

6.8CVSS6.7AI score0.00469EPSS
Exploits1References4Affected Software3
thn
thn
added 2020/05/11 4:8 p.m.5 views

7 New Flaws Affect All Thunderbolt-equipped Computers Sold in the Last 9 Years

A cybersecurity researcher today uncovers a set of 7 new unpatchable hardware vulnerabilities that affect all desktops and laptops sold in the past 9 years with Thunderbolt, or Thunderbolt-compatible USB-C ports. Collectively dubbed 'ThunderSpy,' the vulnerabilities can be exploited in 9 realisti...

5.9AI score
Exploits0
osv
osv
added 2019/12/10 3:15 p.m.3 views

DEBIAN-CVE-2013-2166

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass...

9.8CVSS7AI score0.01764EPSS
Exploits1References1
nvd
nvd
added 2019/12/10 3:15 p.m.38 views

CVE-2013-2166

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass...

9.8CVSS9.5AI score0.01764EPSS
Exploits1References8
osv
osv
added 2019/12/10 3:15 p.m.8 views

CVE-2013-2166

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass...

9.8CVSS9.5AI score0.01764EPSS
Exploits1References14
pypa
pypa
added 2019/12/10 3:15 p.m.7 views

PYSEC-2019-197

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass...

9.8CVSS7AI score0.01764EPSS
Exploits1References9Affected Software1
cvelist
cvelist
added 2019/12/10 2:19 p.m.55 views

CVE-2013-2166

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass...

9.5AI score0.01764EPSS
Exploits1References8
ptsecurity
ptsecurity
added 2019/12/10 12:0 a.m.4 views

PT-2019-6881 · Openstack · Python-Keystoneclient

Name of the Vulnerable Software and Affected Versions: python-keystoneclient versions 0.2.3 through 0.2.5 Description: The issue concerns a middleware memcache encryption bypass in the python-keystoneclient. No information is provided about the estimated number of potentially affected devices or...

9.8CVSS9.3AI score0.01764EPSS
Exploits1References16
nvd
nvd
added 2019/06/29 8:15 p.m.43 views

CVE-2016-10761

Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack...

6.5CVSS6.5AI score0.00745EPSS
Exploits0References2
nvd
nvd
added 2019/06/29 8:15 p.m.28 views

CVE-2019-13053

Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a "magic" key combination while sniffing cryptographic data from a Radio Frequency transmission. NOTE: this issue exists because of an incomplete fix for CVE-2016-10761...

6.5CVSS6.6AI score0.00544EPSS
Exploits1References1
osv
osv
added 2019/06/29 8:15 p.m.7 views

CVE-2016-10761

Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack...

6.5CVSS5.8AI score0.00745EPSS
Exploits0References2
prion
prion
added 2019/06/29 8:15 p.m.22 views

Sql injection

Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack...

3.3CVSS7.2AI score0.00745EPSS
Exploits0References2Affected Software1
prion
prion
added 2019/06/29 8:15 p.m.18 views

Sql injection

Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a "magic" key combination while sniffing cryptographic data from a Radio Frequency transmission. NOTE: this issue exists because of an incomplete fix for CVE-2016-10761...

3.3CVSS6.6AI score0.00745EPSS
Exploits1References1
cvelist
cvelist
added 2019/06/29 7:6 p.m.32 views

CVE-2019-13053

Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a "magic" key combination while sniffing cryptographic data from a Radio Frequency transmission. NOTE: this issue exists because of an incomplete fix for CVE-2016-10761...

6.6AI score0.00544EPSS
Exploits1References1
cve
cve
added 2019/06/29 7:6 p.m.85 views

CVE-2016-10761

CVE-2016-10761 affects Logitech Unifying devices prior to 2016-02-26, enabling keystroke injection and bypassing encryption (MouseJack). The NVD entry lists low to medium severity (CVSS v2 base 3.3, CVSS v3 base 6.5) with adjacent, low-complexity exploitation and no user interaction required. Pub...

6.5CVSS6.5AI score0.00745EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2019/06/29 7:6 p.m.34 views

CVE-2016-10761

Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack...

6.5AI score0.00745EPSS
Exploits0References2
packetstorm
packetstorm
added 2019/06/14 12:0 a.m.262 views

Tzumi Electronics Klic Lock Authentication Bypass

CVE-2019-11334 MIT License Copyright c 2019 Kerry Enfinger Python program to unlock any Tzumi Klic smart locks Model 5686 Firmware 6.2 May work on other smart locks Requires valid account email and password from Klic mobile application import argparse import requests import json from subprocess...

4.3CVSS0.3AI score0.01588EPSS
Exploits2
cve
cve
added 2019/06/07 7:24 p.m.173 views

CVE-2018-10694

The CVE-2018-10694 issue affects Moxa AWK-3121 (version 1.14). The root cause is an open, unencrypted Wi‑Fi setup by default, enabling an attacker on the same network to sniff traffic between a user’s computer and the device, potentially stealing credentials over HTTP and TELNET, and performing M...

8.1CVSS7.9AI score0.00811EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder