Lucene search
+L

260 matches found

ATTACKERKB
ATTACKERKB
added 2017/12/08 5:29 a.m.4 views

CVE-2017-17463

Vivo modems allow remote attackers to obtain sensitive information by reading the index.cgi?page=wifi HTML source code, as demonstrated by ssid and pskwepkey fields...

7.5CVSS5.5AI score0.01344EPSS
Exploits0References2
Kitploit
Kitploit
added 2017/08/25 2:30 p.m.33 views

ike-scan - Discover and fingerprint IKE hosts (IPsec VPN Servers)

Discover and fingerprint IKE hosts IPsec VPN Servers. Building and Installing ike-scan uses the standard GNU autoconf and automake tools, so installation is the normal process: Run git clone https://github.com/royhills/ike-scan.git to obtain the project source code Run cd ike-scan to enter source...

7.4AI score
Exploits0References2
CNVD
CNVD
added 2017/06/29 12:0 a.m.7 views

OSRAM SYLVANIA Osram Lightify Home Information Disclosure Vulnerability

OSRAM SYLVANIA Osram Lightify Home is an open IoT platform for automated control of lighting devices from German company OSRAM. A security vulnerability exists in OSRAM SYLVANIA Osram Lightify Home versions prior to 2016-07-26, which originates from the program storing the PSK in plaintext in the...

7.5CVSS6.8AI score0.01397EPSS
Exploits1References1
CNVD
CNVD
added 2017/05/23 12:0 a.m.5 views

Mimosa Client Radios Information Disclosure Vulnerability

Mimosa Client Radios is a management program for client devices of the Mimosa multipoint solution from Mimosa Networks, Inc. A security vulnerability exists in Mimosa Client Radios versions prior to 2.2.3. The vulnerability can be exploited by an attacker to download arbitrary files from the devi...

7.8CVSS7AI score0.00819EPSS
Exploits0References1
NVD
NVD
added 2017/05/21 9:29 p.m.14 views

CVE-2017-9136

An issue was discovered on Mimosa Client Radios before 2.2.3. In the device's web interface, there is a page that allows an attacker to use an unsanitized GET parameter to download files from the device as the root user. The attacker can download any file from the device's filesystem. This can be...

7.8CVSS7.5AI score0.00819EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2017/04/20 12:0 a.m.28 views

Cisco ASA Software Internet Key Exchange Version 1 XAUTH Denial of Service Vulnerability (cisco-sa-20170419-asa-xauth)

A vulnerability in the Internet Key Exchange Version 1 IKEv1 XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and ar...

7.7CVSS7.6AI score0.02988EPSS
Exploits0References1
Cisco
Cisco
added 2017/04/19 4:0 p.m.25 views

Cisco ASA Software Internet Key Exchange Version 1 XAUTH Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange Version 1 IKEv1 XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation...

7.7CVSS7.6AI score0.02988EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2017/04/19 12:0 a.m.5 views

PT-2017-17181 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco ASA Software versions prior to 9.17.7 Cisco ASA Software versions prior to 9.24.11 Cisco ASA Software versions prior to 9.44 Cisco ASA Software versions prior to 9.53 Cisco ASA Software versions prior to 9.61.5 Description: A...

7.7CVSS7.4AI score0.02988EPSS
Exploits0References5
OSV
OSV
added 2017/04/10 3:59 a.m.5 views

CVE-2016-5056

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK...

7.5CVSS5.8AI score0.01397EPSS
Exploits2References1
CNVD
CNVD
added 2017/02/15 12:0 a.m.8 views

Fortinet FortiManager Man-in-the-Middle Attack Vulnerability

Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices and can group devices into different management domains ADOM to further simplify multi-device security deployment and managemen...

7.4CVSS6.8AI score0.00899EPSS
Exploits0References1
Veracode
Veracode
added 2017/02/10 1:5 a.m.59 views

Denial Of Service (DoS)

OpenSSL is vulnerable to denial of service DoS attacks. A malicious user can pass a malicious Pre-Shared Key identity hint to the system that can lead to a double free that can lead to the system crashing...

4.3CVSS6.1AI score0.12814EPSS
Exploits1References28Affected Software2
RedHat Linux
RedHat Linux
added 2016/12/15 10:11 p.m.6 views

OpenSSL: Race condition handling PSK identify hint

A race condition flaw, leading to a double free, was found in the way OpenSSL handled pre-shared key PSK identify hints. A remote attacker could use this flaw to crash a multi-threaded SSL/TLS client using OpenSSL...

4.3CVSS6.8AI score0.12814EPSS
Exploits1References5
Prion
Prion
added 2016/10/13 10:59 a.m.10 views

Information disclosure

Siemens SIMATIC STEP 7 TIA Portal before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack...

1.9CVSS6.2AI score0.00297EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2016/10/13 10:59 a.m.17 views

CVE-2016-7959

Siemens SIMATIC STEP 7 TIA Portal before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack...

4.7CVSS4.3AI score0.00297EPSS
Exploits0References3
CVE
CVE
added 2016/10/13 10:0 a.m.48 views

CVE-2016-7959

Siemens SIMATIC STEP 7 (TIA Portal) before version 14 stores pre‑shared key data in TIA project files, enabling local attackers with file access to brute‑force and read sensitive information. The vulnerability is described across multiple sources (NVD entry for CVE-2016-7959 and PT Security advis...

4.7CVSS4.3AI score0.00297EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/10/13 10:0 a.m.24 views

CVE-2016-7959

Siemens SIMATIC STEP 7 TIA Portal before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack...

4.3AI score0.00297EPSS
Exploits0References3
CNVD
CNVD
added 2016/10/13 12:0 a.m.4 views

Siemens SIMATIC STEP 7 suffers from an information disclosure vulnerability (CNVD-2016-08768)

Siemens SIMATIC is an automation software with a single engineering environment. An information disclosure vulnerability exists in Siemens SIMATIC STEP 7 V12 and V13. A local attacker can exploit the vulnerability to read TIA project files by brute-force breaking the pre-shared key, resulting in...

4.7CVSS5.9AI score0.00297EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2016/01/13 3:50 a.m.16 views

How to Hack WiFi Password from Smart Doorbells

The buzz around The Internet of Things IoT is growing, and it is growing at a great pace. Every day the technology industry tries to connect another household object to the Internet. One such internet-connected household device is a Smart Doorbell. Gone are the days when we have regular doorbells...

7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2015/12/14 4:47 a.m.6 views

OpenSSL: Race condition handling PSK identify hint

A race condition flaw, leading to a double free, was found in the way OpenSSL handled pre-shared key PSK identify hints. A remote attacker could use this flaw to crash a multi-threaded SSL/TLS client using OpenSSL...

4.3CVSS6.8AI score0.12814EPSS
Exploits1References5
CNVD
CNVD
added 2015/12/06 12:0 a.m.5 views

OpenSSL Competitive Conditional Denial of Service Vulnerability

OpenSSL is an open source implementation of SSL for strong encryption of network communications. A security vulnerability exists in OpenSSL, which can be exploited by a remote attacker to send a special PSK identity that triggers a contention condition and then triggers two releases of memory,...

4.3CVSS8.6AI score0.12814EPSS
Exploits1References1
Rows per page
Query Builder