Lucene search
K

162 matches found

Cvelist
Cvelist
added 2021/11/12 1:21 a.m.28 views

CVE-2021-42775

Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a vulnerability in the remote firmware download feature that could allow a user to place or replace an arbitrary file on the remote host. In...

9.4AI score0.00958EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/11/12 1:19 a.m.25 views

CVE-2021-42773

Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, could allow a user to retrieve an arbitrary file from a remote host with the GetDumpFile command. In non-secure mode, the user is unauthenticated...

7.8AI score0.00964EPSS
Exploits0References2
Prion
Prion
added 2021/11/03 8:15 p.m.17 views

Buffer overflow

Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote GetDumpFile command that could allow a user to attempt various attacks. In non-secure mode, the user i...

6.8CVSS9.7AI score0.01243EPSS
Exploits1References1Affected Software2
Cvelist
Cvelist
added 2021/11/03 7:13 p.m.26 views

CVE-2021-42772

Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote GetDumpFile command that could allow a user to attempt various attacks. In non-secure mode, the user i...

10AI score0.01243EPSS
Exploits1References1
CNVD
CNVD
added 2021/09/18 12:0 a.m.17 views

Enbra Ewm Trust Management Issue Vulnerability

Enbra Ewm is a universal reading device from the Czech company Enbra. It uses radios to read water meters, heating cost indicators and heat meters. Enbra EWM is vulnerable to a trust management issue, which stems from multiple wireless M-Bus devices from Enbra using hard-coded credentials in secu...

6.5CVSS2.2AI score0.00219EPSS
Exploits0References1
CNVD
CNVD
added 2021/09/18 12:0 a.m.13 views

Enbra Ewm Data Forgery Issue Vulnerability

Enbra Ewm is a universal reading device from the Czech company Enbra. It uses a radio to read water meters, heating cost indicators and heat meters. Enbra EWM is vulnerable to a data forgery issue in version 1.7.29, which stems from the fact that the software does not check for or detect replay...

6.5CVSS2.1AI score0.0022EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/09/16 12:0 a.m.4 views

Enbra Ewm数据伪造问题漏洞

Enbra Ewm is a universal reading device from the Czech company Enbra. It uses a radio to read water meters, heating cost indicators and heat meters. Enbra EWM is vulnerable to a data forgery issue in version 1.7.29, which stems from the fact that the software does not check for or detect replay...

6.5CVSS6.5AI score0.0022EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/09/16 12:0 a.m.3 views

Enbra Ewm信任管理问题漏洞

Enbra Ewm is a universal reading device from the Czech company Enbra. It uses radios to read water meters, heating cost indicators and heat meters. Enbra EWM is vulnerable to a trust management issue, which stems from multiple wireless M-Bus devices from Enbra using hard-coded credentials in secu...

6.5CVSS6.5AI score0.00219EPSS
Exploits0References2
Malwarebytes
Malwarebytes
added 2021/09/14 4:28 p.m.95 views

Update now! Google Chrome fixes two in-the-wild zero-days

Google announced on Monday that it will be issuing patches for 11 high severity vulnerabilities found in Chrome, including two that are currently being exploited in the wild. The patch, which is part of the Stable Channel Update for Chrome 93 93.0.4577.82, will be released for Windows, Mac, and...

6.8CVSS9.1AI score0.70435EPSS
Exploits12
Wired Threat Level
Wired Threat Level
added 2021/08/07 1:0 p.m.53 views

Microsoft Edge’s ‘Super Duper Secure Mode’ Does What It Says

Plus: Facebook account hacks, Instagram-ban scammers, and more of the week’s top security news...

1.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/08/06 2:36 p.m.203 views

Edge’s Super Duper Secure Mode benchmarked: How much speed would you trade for security?

In an attempt to make Edge more secure, the Microsoft Vulnerability Research team has started to experiment with disabling Just-In-Time JIT compilation in the browsers V8 JavaScript engine, to create what its calling Super Duper Secure Mode. The reasoning behind this experiment sounds valid. A...

7.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/06/23 12:0 a.m.5 views

The vulnerability of the Lilypond scorebook program lies in the absence of restrictions on the execution of Postscript and SVG commands in a secure mode, allowing an attacker to execute arbitrary code.

The vulnerability of the Lilypond scorebook writing program lies in the lack of restrictions on the inclusion of Postscript and SVG commands when operating in a secure mode. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

10CVSS8.2AI score0.02371EPSS
Exploits0References9Affected Software4
RedHat Linux
RedHat Linux
added 2020/09/30 5:27 p.m.3 views

ceph: secure mode of msgr2 breaks both confidentiality and integrity aspects for long-lived sessions

A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious...

6.8CVSS5.8AI score0.01373EPSS
Exploits0References5
NVD
NVD
added 2020/09/14 2:15 p.m.22 views

CVE-2020-12787

Microchip Atmel ATSAMA5 products in Secure Mode allow an attacker to bypass existing security mechanisms related to applet handling...

7.5CVSS0.01227EPSS
Exploits0References1
Prion
Prion
added 2020/09/14 2:15 p.m.15 views

Design/Logic Flaw

Microchip Atmel ATSAMA5 products in Secure Mode allow an attacker to bypass existing security mechanisms related to applet handling...

4.3CVSS7.5AI score0.01227EPSS
Exploits0References1
CVE
CVE
added 2020/09/14 1:24 p.m.45 views

CVE-2020-12787

The CVE-2020-12787 entry concerns Microchip Atmel ATSAMA5 products in Secure Mode where an attacker can bypass applet handling security mechanisms. Connected sources corroborate the issue across Red Hat advisory and NVD entries, indicating the vulnerability affects ATSAMA5 SoCs operating in Secur...

7.5CVSS7.4AI score0.01227EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/09/14 1:24 p.m.28 views

CVE-2020-12787

Microchip Atmel ATSAMA5 products in Secure Mode allow an attacker to bypass existing security mechanisms related to applet handling...

7.5AI score0.01227EPSS
Exploits0References1
OSV
OSV
added 2020/05/28 3:15 p.m.2 views

CVE-2020-4233

IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By intercepting its transmission within an HTTP session, an attacker could exploit this...

5.3CVSS5.9AI score0.00766EPSS
Exploits0References2
OSV
OSV
added 2020/04/13 1:15 p.m.1 views

DEBIAN-CVE-2020-1759

A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the...

6.8CVSS6.9AI score0.01373EPSS
Exploits0References1
OSV
OSV
added 2020/04/13 1:15 p.m.6 views

UBUNTU-CVE-2020-1759

A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the...

6.8CVSS7AI score0.01373EPSS
Exploits0References3
Rows per page
Query Builder