Lucene search
K

111 matches found

Cvelist
Cvelist
added 2022/07/25 9:37 p.m.18 views

CVE-2022-34575

An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the key information of the device via accessing fctest.shtml...

5.7AI score0.00617EPSS
Exploits1References2
CVE
CVE
added 2022/07/25 9:37 p.m.82 views

CVE-2022-34574

The CVE-2022-34574 issue affects Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19. Root cause: an access control flaw in the device allows an attacker to obtain key information by accessing the Tftpd32.ini file. Impact per sources: leakage of critical device information. Practical remediatio...

5.7CVSS5.4AI score0.00628EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/07/25 9:37 p.m.69 views

CVE-2022-34570

CVE-2022-34570 concerns WAVLINK WN579 X3 (M79X3.V5030.191012) where an information leak allows attackers to obtain key information by accessing the vulnerable file, messages.txt. The root cause is an access control error or insufficient access rights handling on messages.txt, as described in mult...

7.5CVSS7.2AI score0.00861EPSS
Exploits1References2Affected Software1
Microsoft CVE
Microsoft CVE
added 2022/07/14 7:0 a.m.7 views

GnuPG through 2.3.6 in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g. use of GPGME) are met allows signature forgery via injection into the status line.

...

6.5CVSS7.2AI score0.02551EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/06/10 12:0 a.m.4 views

PT-2022-6745 · Gpgme +11 · Gpgme +11

Name of the Vulnerable Software and Affected Versions: GnuPG versions prior to 2.3.7 Description: The issue is related to insufficient neutralization of special elements in a request, allowing a remote attacker to access and compromise confidential data. In unusual situations where an attacker...

7.8CVSS6.5AI score0.02551EPSS
Exploits1References79
OSV
OSV
added 2022/05/17 7:57 p.m.39 views

GHSA-5G4V-2PC6-4HH4 Ansible Sensitive Files Are Locally Readable

The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file...

6.8CVSS5AI score0.00415EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/05/17 7:57 p.m.23 views

Ansible Sensitive Files Are Locally Readable

The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file...

5.5CVSS6.2AI score0.00415EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2022/03/17 1:15 p.m.16 views

CVE-2021-44260

A vulnerability is in the 'livemfg.html' page of the WAVLINK AC1200, version WAVLINK-A42W-1.27.6-20180418, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information of the manager of router...

7.5CVSS0.07573EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/01/10 12:0 a.m.4 views

Ivanti Workspace Control 安全漏洞

Ivanti Workspace Control RES One Workspace is a set of workspace control software from Ivanti, USA. The software includes features such as user management, application management and report management. A security vulnerability exists in versions prior to Ivanti Workspace Control 2021.2 10.7.30.0,...

5.5CVSS5.8AI score0.00349EPSS
Exploits0References1
Information Security Automation
Information Security Automation
added 2021/07/30 11:6 p.m.223 views

How to fix “Nessus failed to load the SSH private key” error?

If you are using Nessus to scan Linux hosts and authenticate by key, you may encounter this problem. You have generated the keys correctly, placed the public key on a remote server. You can connect to this server using the private key. ssh -p22 -i privatekey [email protected] But when...

1.3AI score
Exploits0
CNNVD
CNNVD
added 2021/07/01 12:0 a.m.6 views

Bachmann Electronic All M-Base Controllers 加密问题漏洞

Bachmann Electronic All M-Base Controllers is a controller system from Bachmann, Germany, used to control networks. A cryptographic issue vulnerability exists in Bachmann Electronic All M-Base Controllers that stems from not properly using the relevant cryptographic algorithms, resulting in...

8.8CVSS7.9AI score0.00784EPSS
Exploits0References5
Prion
Prion
added 2021/03/21 9:15 p.m.16 views

Hardcoded credentials

SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and the related authentication algorithm, is public. The key for admin is hardcoded in the installation code, and there is no key for publicsp which is a guest account...

7.5CVSS9.5AI score0.01812EPSS
Exploits0References3Affected Software1
Openbugbounty
Openbugbounty
added 2020/08/13 3:6 p.m.38 views

v-os.ca Cross Site Scripting vulnerability OBB-1259041

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/06/15 9:26 p.m.48 views

zonnetprovedor.net.br Cross Site Scripting vulnerability OBB-1197853

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/05/13 4:21 p.m.10 views

hilyses.com Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1160428 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

0.7AI score
Exploits0
NVD
NVD
added 2020/04/07 1:15 p.m.16 views

CVE-2016-11049

An issue was discovered on Samsung mobile devices with software through 2016-01-16 Shannon333/308/310 chipsets. The IMEI may be retrieved and modified because of an error in managing key information. The Samsung ID is SVE-2016-5435 March 2016...

9.1CVSS9.3AI score0.00401EPSS
Exploits0References1
Prion
Prion
added 2020/04/07 1:15 p.m.13 views

Design/Logic Flaw

An issue was discovered on Samsung mobile devices with software through 2016-01-16 Shannon333/308/310 chipsets. The IMEI may be retrieved and modified because of an error in managing key information. The Samsung ID is SVE-2016-5435 March 2016...

6.4CVSS7.2AI score0.00401EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/04/07 12:44 p.m.17 views

CVE-2016-11049

An issue was discovered on Samsung mobile devices with software through 2016-01-16 Shannon333/308/310 chipsets. The IMEI may be retrieved and modified because of an error in managing key information. The Samsung ID is SVE-2016-5435 March 2016...

9.3AI score0.00401EPSS
Exploits0References1
NVD
NVD
added 2020/02/20 3:15 p.m.18 views

CVE-2014-4658

The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file...

5.5CVSS5.1AI score0.00415EPSS
Exploits0References2
OSV
OSV
added 2020/02/20 3:15 p.m.12 views

CVE-2014-4658

The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file...

5.5CVSS5.1AI score
Exploits0References2
Rows per page
Query Builder