Lucene search
K

9099 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:14 a.m.6 views

CVE-2024-53845

ESPTouch is a connection protocol for internet of things devices. In the ESPTouchV2 protocol, while there is an option to use a custom AES key, there is no option to set the IV Initialization Vector prior to versions 5.3.2, 5.2.4, 5.1.6, and 5.0.8. The IV is set to zero and remains constant...

8.7CVSS6.7AI score0.0056EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:37 a.m.7 views

CVE-2023-26243

An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The decryption binary used to decrypt firmware files has an information leak that allows an attacker to read the AES key and initialization vector from memory. An attacker may exploit this to...

7.8CVSS6.5AI score0.00347EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:3 a.m.14 views

CVE-2023-36490

Improper initialization in some IntelR MAS software before version 2.3 may allow an authenticated user to potentially enable denial of service via local access...

5.5CVSS6.5AI score0.00197EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:56 a.m.8 views

CVE-2023-33060

Transient DOS in Core when DDR memory check is called while DDR is not initialized...

7.1CVSS7AI score0.00101EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:51 a.m.9 views

CVE-2023-28439

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special conditions: using one of the affected packages ...

6.1CVSS6.5AI score0.00725EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:44 a.m.7 views

CVE-2023-30954

The Gotham video-application-server service contained a race condition which would cause it to not apply certain acls new videos if the source system had not yet initialized...

3.7CVSS6.8AI score0.003EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:34 a.m.3 views

CVE-2023-27934

A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution...

8.8CVSS7.1AI score0.01785EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:24 a.m.6 views

CVE-2023-2514

Mattermost Sever fails to redact the DB username and password before emitting an application log during server initialization...

7.5CVSS7AI score0.00547EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:14 a.m.5 views

CVE-2023-22356

Improper initialization in some IntelR NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access...

6CVSS5.8AI score0.0018EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:0 a.m.10 views

CVE-2023-1660

The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in a function hooked to init, allowing unauthenticated users to update some settings, leading to Stored XSS due to the lack of escaping when outputting them in the admin dashboard...

6.1CVSS6AI score0.00269EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:53 a.m.3 views

CVE-2023-21638

Memory corruption in Video while calling APIs with different instance ID than the one received in initialization...

7.8CVSS7.1AI score0.00109EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:33 a.m.8 views

CVE-2023-1047

A vulnerability classified as critical was found in TechPowerUp RealTemp 3.7.0.0. This vulnerability affects unknown code in the library WinRing0x64.sys. The manipulation leads to improper initialization. An attack has to be approached locally. The exploit has been disclosed to the public and may...

7.8CVSS7.1AI score0.00395EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:32 a.m.4 views

CVE-2023-1048

A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM Calculator 1.2.0.5. This issue affects some unknown processing in the library WinRing0x64.sys. The manipulation leads to improper initialization. Local access is required to approach this attack. The explo...

7.8CVSS7.1AI score0.00572EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:2 a.m.7 views

CVE-2023-33115

Memory corruption while processing buffer initialization, when trusted report for certain report types are generated...

7.8CVSS7.5AI score0.0011EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:53 a.m.6 views

CVE-2023-2747

The initialization vector IV used by the secure engine SE for encrypting data stored in the SE flash memory is uninitialized...

5.5CVSS6.7AI score0.00164EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:18 a.m.6 views

CVE-2022-30271

The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts such as /etc/init.d/sshdservice only generate a new key if no private-key file exists. Thus, this hardcoded key is likely to be used by default...

9.8CVSS6.8AI score0.00835EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:14 a.m.8 views

CVE-2022-23408

wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections without AEAD using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c...

9.1CVSS6.8AI score0.01231EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:29 a.m.4 views

CVE-2022-48352

Some smartphones have data initialization issues. Successful exploitation of this vulnerability may cause a system panic...

7.5CVSS6.9AI score0.00474EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:21 a.m.9 views

CVE-2022-46301

Improper Initialization for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access...

4.4CVSS6.5AI score0.00185EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:14 a.m.8 views

CVE-2022-46397

FP.io VPP Vector Packet Processor 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 Generates a Predictable IV with CBC Mode...

7.5CVSS7AI score0.0062EPSS
Exploits0References1
Rows per page
Query Builder