Lucene search
K

56 matches found

CNNVD
CNNVD
added 2023/08/17 12:0 a.m.6 views

Genians Genian NAC 安全漏洞

Genians Genian NAC is a network security and access control software from Genians Korea. It helps organizations identify IP-enabled devices, manage vulnerabilities and check device configurations to protect network access environments. A security vulnerability exists in Genians Genian NAC that...

5.9CVSS5.9AI score0.00141EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/06/19 12:0 a.m.4 views

PT-2023-23304 · Sick · Sick Eventcam App

Name of the Vulnerable Software and Affected Versions: SICK EventCam App affected versions not specified Description: A remote unprivileged attacker can intercept communication via Man-In-The-Middle attacks due to the absence of Transport Layer Security TLS in the app. This lack of encryption can...

9.8CVSS7.2AI score0.00302EPSS
Exploits0References4
OSV
OSV
added 2023/05/19 9:15 a.m.6 views

CVE-2023-28045

Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data vulnerability. An attacker with low privileges could potentially exploit this vulnerability, leading to gain access to unauthorized data...

7.1CVSS7.1AI score0.00179EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/03/25 12:0 a.m.5 views

Sielco PolyEco1000 授权问题漏洞

Sielco PolyEco1000 is an environmental monitoring and control system from Sielco designed to monitor and control data on water quality, meteorology, gas concentrations, energy management and environmental parameters. A security vulnerability exists in Sielco PolyEco1000 that stems from the...

9.8CVSS8.3AI score0.00469EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2021/08/18 12:0 a.m.8 views

The vulnerability of the FortiMail IBE (Identity-Based Encryption) service of the FortiMail email protection system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the FortiMail IBE Identity-Based Encryption service of the FortiMail email protection system lies in the lack of encryption measures for protected data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected informati...

5.9CVSS7.2AI score0.00342EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2019/10/24 2:15 p.m.18 views

Design/Logic Flaw

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, and because of password-based authentication, they are vulnerable to replay attacks...

6.9CVSS6.5AI score0.00356EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2019/07/18 12:0 a.m.7 views

The vulnerability of the microprogramming software of the Simatic Ident industrial identification and positioning system, due to the lack of encryption, allows attackers to gain access to the data.

The vulnerability of the microprogramming software in Simatic Ident system-based industrial identification and positioning systems is related to the lack of encryption. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to data transmitted between the...

5.3CVSS5.5AI score0.01548EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2019/03/22 11:54 a.m.114 views

Medtronic's Implantable Defibrillators Vulnerable to Life-Threatening Hacks

The U.S. Department of Homeland Security Thursday issued an advisory warning people of severe vulnerabilities in over a dozen heart defibrillators that could allow attackers to fully hijack them remotely, potentially putting lives of millions of patients at risk. Cardioverter Defibrillator is a...

9.3CVSS1.4AI score0.00844EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/03/22 12:0 a.m.5 views

The vulnerability of the microprogramming software used in Moxa EDS and IKS switches allows a intruder to gain unauthorized access to protected information.

The vulnerability of Microprogrammed Software in Moxa EDS and IKS switches stems from the lack of encryption measures for protected data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

10CVSS7.8AI score0.00989EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2018/12/20 12:0 a.m.7 views

The vulnerability of the identification and access control system of IBM Cloud Private allows a perpetrator to expose protected information.

The vulnerability of the IBM Cloud Private storage access identification and management system arises from the lack of encryption measures for protected data. Exploiting this vulnerability could allow attackers to disclose protected information...

4.1CVSS5.4AI score0.00316EPSS
Exploits0References3Affected Software1
ThreatPost
ThreatPost
added 2018/05/18 2:20 p.m.19 views

TeleGrab Malware Steals Telegram Desktop Messaging Sessions, Steam Credentials

Recently discovered malware steals cache data and secure messaging sessions from the desktop version of encrypted messaging service Telegram. The malware, dubbed TeleGrab, leverages weak default settings in the design of Telegram’s desktop version along with the desktop’s lack of support for Secr...

0.1AI score
Exploits0References3
The Hacker News
The Hacker News
added 2016/07/27 12:58 a.m.12 views

KeySniffer Lets Hackers Steal Keystrokes from Wireless Keyboards

Radio-based wireless keyboards and mice that use a special USB dongle to communicate with your PC can expose all your secrets – your passwords, credit card numbers and everything you type. Back in February, researchers from the Internet of things security firm Bastille Networks demonstrated how...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2014/01/08 12:25 p.m.8 views

Sierra Wireless industrial gateways security vulnerabilities

A wireless gateway suitable for a number of industrial applications is vulnerable to remote exploit because of a lack of encryption in its update and reprogramming processes, an advisory from the Industrial Control Systems Cyber Emergency Response Team said yesterday. The Sierra Wireless AirLink...

1.3AI score
Exploits0References1
The Hacker News
The Hacker News
added 2011/08/05 12:50 p.m.5 views

#Blackhat Conference : Square Mobile Gadget allows to Hack Credit Cards

Blackhat Conference : Square Mobile Gadget allows to Hack Credit Cards Researchers at the Black Hat security conference today revealed two ways the Square payment system , which turns any iPhone, iPad or Android into a point-of-sale credit card processor, could be used for fraud. Square a mobile...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2011/05/01 12:0 a.m.48 views

Hi5.com XSS / XSRF / URL Redirection / Lack Of Encryption

============================================= INTERNET SECURITY AUDITORS ALERT 2010-11 - Original release date: 29th October 2010 - Last revised: 1st May 2011 - Discovered by: Eduardo Garcia Melia - Severity: 7.8/10 CVSSv2 Base Scored ============================================= I. VULNERABILITY...

0.3AI score
Exploits0
CVE
CVE
added 2001/02/14 5:0 a.m.47 views

CVE-2001-0133

CVE-2001-0133 affects Interscan VirusWall 3.6.x and earlier. The web administration interface reportedly does not use encryption, enabling remote attackers to obtain the administrator password by sniffing credentials sent during login or via setpasswd.cgi and other HTTP GET requests that transmit...

10CVSS6.8AI score0.02185EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder