538 matches found

Prion
added 2023/05/15 11:15 a.m. · 21 views

Design/Logic Flaw

Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames by analyzing challenge responses from the server via the REST interface...

CVSS 5 · AI score 5.4 · EPSS 0.00785
Exploits 0 · References 3 · Affected Software 7

Prion
added 2023/05/15 11:15 a.m. · 14 views

Default credentials

Use of Password Hash Instead of Password for Authentication in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to use a password hash instead of an actual password to login to a valid user account via...

CVSS 7.5 · AI score 9.5 · EPSS 0.0071
Exploits 0 · References 3 · Affected Software 7

Prion
added 2023/05/15 11:15 a.m. · 11 views

Improper access control

Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to download files by using a therefore unprivileged account via the REST interface...

CVSS 5 · AI score 7.5 · EPSS 0.00891
Exploits 0 · References 3 · Affected Software 7

Prion
added 2023/05/15 11:15 a.m. · 21 views

Open redirect

Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to influence the availability of the webserver by invoking several open file requests via the REST interface...

CVSS 5 · AI score 7.5 · EPSS 0.01117
Exploits 0 · References 3 · Affected Software 7

Prion
added 2023/05/15 11:15 a.m. · 17 views

Improper access control

Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to gain unauthorized access to data fields by using a therefore unprivileged account via the REST interface...

CVSS 5 · AI score 7.6 · EPSS 0.00659
Exploits 0 · References 3 · Affected Software 7

CVE
added 2023/05/15 10:55 a.m. · 56 views

CVE-2023-23450

The CVE-2023-23450 issue concerns the SICK FTMg AIR FLOW SENSOR family (part numbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526). A vulnerability allows an unprivileged remote attacker to log into a valid user account by providing a password hash instead of a real password via ...

CVSS 9.8 · AI score 7.3 · EPSS 0.0071
Exploits 0 · References 3 · Affected Software 1

Cvelist
added 2023/05/15 10:54 a.m. · 26 views

CVE-2023-23449

Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames by analyzing challenge responses from the server via the REST interface...

CVSS 5.3 · AI score 5.6 · EPSS 0.00785
Exploits 0 · References 3

Vulnrichment
added 2023/05/15 10:54 a.m. · 6 views

CVE-2023-23449

Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames by analyzing challenge responses from the server via the REST interface...

CVSS 5.3 · AI score 6.1 · EPSS 0.00785
Exploits 0 · References 3

CVE
added 2023/05/15 10:53 a.m. · 47 views

CVE-2023-23447

The CVE-2023-23447 entry involves the SICK FTMg AIR FLOW SENSOR. It affects the device’s REST interface for multiple part numbers (1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526). The issue is described as an uncontrolled resource consumption that allows an unprivileged remote atta...

CVSS 7.5 · AI score 7.1 · EPSS 0.01117
Exploits 0 · References 3 · Affected Software 1

CVE
added 2023/05/15 10:52 a.m. · 41 views

CVE-2023-23446

The CVE-2023-23446 issue affects SICK FTMg AIR FLOW SENSOR versions/partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526, caused by improper access control. An unprivileged remote attacker can download files via the REST interface, exposing confidentiality (CVSS3.1: HIGH, AV:...

CVSS 7.5 · AI score 7.2 · EPSS 0.00891
Exploits 0 · References 3 · Affected Software 1

Vulnrichment
added 2023/05/15 10:52 a.m. · 11 views

CVE-2023-23446

Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to download files by using a therefore unprivileged account via the REST interface...

CVSS 7.5 · AI score 7.2 · EPSS 0.00891
Exploits 0 · References 3

Cvelist
added 2023/05/15 10:52 a.m. · 22 views

CVE-2023-23446

Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to download files by using a therefore unprivileged account via the REST interface...

CVSS 7.5 · AI score 7.7 · EPSS 0.00891
Exploits 0 · References 3

Cvelist
added 2023/05/15 10:51 a.m. · 19 views

CVE-2023-23445

Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to gain unauthorized access to data fields by using a therefore unprivileged account via the REST interface...

CVSS 7.5 · AI score 7.8 · EPSS 0.00659
Exploits 0 · References 3

CVE
added 2023/05/15 10:51 a.m. · 47 views

CVE-2023-23445

CVE-2023-23445 affects SICK FTMg AIR FLOW SENSOR (partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526). The root cause is Improper Access Control allowing an unprivileged remote attacker to access data fields via the REST interface. The CVE has a high impact on confidentiali...

CVSS 7.5 · AI score 7.1 · EPSS 0.00659
Exploits 0 · References 3 · Affected Software 1

Vulnrichment
added 2023/05/15 10:51 a.m. · 15 views

CVE-2023-23445

Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to gain unauthorized access to data fields by using a therefore unprivileged account via the REST interface...

CVSS 7.5 · AI score 7.1 · EPSS 0.00659
Exploits 0 · References 3

Positive Technologies
added 2023/05/15 12:0 a.m. · 5 views

PT-2023-18955 · Sick · Sick Ftmg Air Flow Sensor

Name of the Vulnerable Software and Affected Versions: SICK FTMg AIR FLOW SENSOR versions with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 Description: The issue allows an unprivileged remote attacker to download files by using an unprivileged account via the "REST...

CVSS 7.5 · AI score 7.4 · EPSS 0.00891
Exploits 0 · References 4

Positive Technologies
added 2023/05/15 12:0 a.m. · 4 views

PT-2023-18954 · Sick · Sick Ftmg Air Flow Sensor

Name of the Vulnerable Software and Affected Versions: SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 Description: The issue is related to improper access control, allowing an unprivileged remote attacker to gain unauthorized access to dat...

CVSS 7.5 · AI score 7.5 · EPSS 0.00659
Exploits 0 · References 5

RedHat Linux
added 2023/03/15 7:58 p.m. · 32 views

Important: Red Hat Security Advisory: Synopsis: Red Hat OpenStack Platform (openstack-glance) security update

An update for openstack-glance is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

CVSS 5.7 · AI score 6.8 · EPSS 0.01025
Exploits 1 · References 2

RedHat Linux
added 2023/03/14 6:47 p.m. · 4 views

kafka: RCE/DoS via SASL JAAS JndiLoginModule configuration in Kafka Connect

A flaw was found in Apache Kafka Connect's REST API that permits configuration of SASL property by an authenticated operator, which could allow connection to a malicious LDAP server and subsequent deserialization of malicious content. This issue could allow an authenticated attacker to cause a...

CVSS 8.8 · AI score 7.5 · EPSS 0.95302
Exploits 7 · References 6

RedHat Linux
added 2023/02/28 3:48 p.m. · 25 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (openstack-glance) security update

An update for openstack-glance is now available for Red Hat OpenStack Platform 17.0 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

CVSS 5.7 · AI score 6.8 · EPSS 0.01025
Exploits 1 · References 2