Lucene search
+L

230 matches found

Tenable Nessus
Tenable Nessus
added 2025/02/05 12:0 a.m.13 views

Schneider Electric EcoStruxure Control Expert, EcoStruxure Process Expert, and Modicon M340, M580 and M580 Safety PLCs Improper Enforcement of Message Integrity During Transmission in a Communication Channel (CVE-2023-6408)

CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause a denial of service and loss of confidentiality, integrity of controllers when conducting a Man in the Middle attack. This plugin only works with Tenable.ot...

8.1CVSS7.2AI score0.00317EPSS
Exploits0References4
NVD
NVD
added 2025/01/17 10:15 a.m.9 views

CVE-2024-12399

CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause partial loss of confidentiality, loss of integrity and availability of the HMI when attacker performs man in the middle attack by intercepting the communication...

7.1CVSS0.00166EPSS
Exploits0References1
OSV
OSV
added 2024/12/28 12:0 p.m.3 views

RUSTSEC-2024-0430 Use of insecure cryptographic algorithms

This crate uses a number of cryptographic algorithms that are no longer considered secure and it uses them in ways that do not guarantee the integrity of the encrypted data. MagicCrypt64 uses the insecure DES block cipher in CBC mode without authentication. This allows for practical brute force a...

7AI score
Exploits0References3
Cvelist
Cvelist
added 2024/12/27 9:46 a.m.15 views

CVE-2020-9210

There is an insufficient integrity vulnerability in Huawei products. A module does not perform sufficient integrity check in a specific scenario. Attackers can exploit the vulnerability by physically install malware. This could compromise normal service of the affected device. Vulnerability ID:...

6.8CVSS0.00146EPSS
Exploits0References1
CNVD
CNVD
added 2024/12/20 12:0 a.m.16 views

Huawei EMUI and HarmonyOS System Service Module Service Logic Error Vulnerability

Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. A service logic error vulnerability exists in the Huawei EMUI and HarmonyOS system service module, which can be...

8.5CVSS6.7AI score0.00173EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/04/04 3:9 p.m.31 views

CVE-2024-30261

Undici is an HTTP/1.1 client, written from scratch for Node.js. An attacker can alter the integrity option passed to fetch, allowing fetch to accept requests as valid even if they have been tampered. This vulnerability was patched in versions 5.28.4 and 6.11.1...

3.5CVSS6AI score0.00803EPSS
Exploits1
Talos
Talos
added 2023/12/05 12:0 a.m.58 views

Buildroot BR_NO_CHECK_HASH_FOR data integrity vulnerability

Talos Vulnerability Report TALOS-2023-1845 Buildroot BRNOCHECKHASHFOR data integrity vulnerability December 5, 2023 CVE Number CVE-2023-43608 SUMMARY A data integrity vulnerability exists in the BRNOCHECKHASHFOR functionality of Buildroot 2023.08.1 and dev commit 622698d7847. A specially crafted...

8.1CVSS8.3AI score0.00819EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2023/05/03 2:30 p.m.12 views

CVE-2023-22372 BIG-IP Edge Client for Windows and Mac OS vulnerability

In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

5.9CVSS5.8AI score0.00219EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:49 a.m.8 views

SUSE CVE-2012-0071

Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Middleware 10.1.3.6.0 allows remote attackers to affect integrity via unknown vectors related to Web, a different vulnerability than CVE-2012-0093...

4.3CVSS6.5AI score0.01046EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.4 views

SUSE CVE-2014-4218

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries...

5CVSS6.6AI score0.03826EPSS
Exploits0References10
Cvelist
Cvelist
added 2022/03/07 1:50 p.m.26 views

CVE-2021-40054

There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity...

7.8AI score0.00611EPSS
Exploits0References1
NVD
NVD
added 2022/01/10 2:10 p.m.20 views

CVE-2021-40039

There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity...

7.5CVSS0.00602EPSS
Exploits0References2
Prion
Prion
added 2022/01/10 2:10 p.m.32 views

Denial of service

There is an uncontrolled resource consumption vulnerability in the display module. Successful exploitation of this vulnerability may affect integrity...

5CVSS7.5AI score0.00779EPSS
Exploits0References3Affected Software3
RedhatCVE
RedhatCVE
added 2021/04/16 6:31 p.m.24 views

CVE-2021-28156

A flaw was found in the hashicorp consul, where the audit log could be bypassed. The highest threat from this vulnerability is to integrity...

7.5CVSS0.5AI score0.02273EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2021/01/07 7:41 p.m.44 views

CVE-2020-36181

A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation The following conditions are needed for an exploit, w...

8.8CVSS1.9AI score0.05018EPSS
Exploits2References4
Cvelist
Cvelist
added 2020/12/02 2:36 p.m.34 views

CVE-2020-25638

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized...

7.7AI score0.02907EPSS
Exploits0References8
NVD
NVD
added 2019/11/07 6:15 p.m.30 views

CVE-2012-0051

Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval...

7.4CVSS7.4AI score0.01714EPSS
Exploits1References6
OSV
OSV
added 2018/10/26 8:16 a.m.10 views

SUSE-SU-2018:3480-1 Security update for wpa_supplicant

This update for wpasupplicant provides the following fixes: This security issues was fixe: - CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused the...

6.5CVSS6.8AI score0.01476EPSS
Exploits0References8
Node JS Blog
Node JS Blog
added 2017/12/08 12:0 a.m.43 views

Data Confidentiality/Integrity Vulnerability, December 2017

Data Confidentiality/Integrity Vulnerability, December 2017 Update 7-December-2017 Security releases available Summary Updates are now available for all active Node.js release lines. These include the fix for the vulnerability identified in the initial announcement. In addition the updates for 8....

9.1CVSS6.9AI score0.78675EPSS
Exploits1
NVD
NVD
added 2017/11/14 9:29 p.m.12 views

CVE-2017-9371

In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical by gaining control...

5.9CVSS5.7AI score0.00806EPSS
Exploits0References1
Rows per page
Query Builder