Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1824 matches found

NVD
NVDadded 2024/02/01 11:15 p.m.12 views

CVE-2023-49115

MachineSense devices use unauthenticated MQTT messaging to monitor devices and remote viewing of sensor data by users...

7.5CVSS7.8AI score0.00082EPSS
Exploits0References2
Prion
Prionadded 2024/02/01 11:15 p.m.16 views

Design/Logic Flaw

MachineSense devices use unauthenticated MQTT messaging to monitor devices and remote viewing of sensor data by users...

5CVSS7.4AI score0.00082EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/02/01 10:28 p.m.12 views

CVE-2023-49115 MachineSense FeverWarn Missing Authentication for Critical Function

MachineSense devices use unauthenticated MQTT messaging to monitor devices and remote viewing of sensor data by users...

7.5CVSS7.2AI score0.00082EPSS
Exploits0References2
CVE
CVEadded 2024/02/01 10:28 p.m.40 views

CVE-2023-49115

CVE-2023-49115 concerns MachineSense FeverWarn devices where unauthenticated MQTT messaging allows remote viewing of sensor data. Affected components include FeverWarn ESP32, FeverWarn RaspberryPi, and FeverWarn DataHub RaspberryPi. Root cause stated across sources is missing authentication for c...

7.5CVSS7.6AI score0.00082EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2024/02/01 10:28 p.m.11 views

CVE-2023-49115 MachineSense FeverWarn Missing Authentication for Critical Function

MachineSense devices use unauthenticated MQTT messaging to monitor devices and remote viewing of sensor data by users...

7.5CVSS7.8AI score0.00082EPSS
Exploits0References2
Qualys Blog
Qualys Blogadded 2024/02/01 12:0 a.m.31 views

Identify and De-risk Unmanaged, Unauthorized Devices With Qualys CyberSecurity Asset Management (CSAM)

69% of organizations said they experienced at least one cyberattack resulting from an exploit of an unknown or unmanaged asset such as software, cloud-based workloads user accounts, and IoT devices. Ultimately, these attacks stem from visibility gaps in the attack surface. Bringing these assets...

7.3AI score
Exploits0
BDU FSTEC
BDU FSTECadded 2024/01/30 12:0 a.m.1 views

The vulnerability of the Intel Integrated Sensor Hub driver in the microprogramming software for NUC P14E Laptop Element allows a hacker to gain increased privileges.

The vulnerability of the Intel Integrated Sensor Hub driver for NUC P14E Laptop Element notebooks is related to the default access settings. Exploiting this vulnerability can allow attackers to gain increased privileges...

6.7CVSS7.2AI score0.00037EPSS
Exploits0References2Affected Software1
CNNVD
CNNVDadded 2024/01/29 12:0 a.m.1 views

MachineSense FeverWarn Access Control Error Vulnerability

MachineSense FeverWarn is a temperature detection device from MachineSense. An access control error vulnerability exists in MachineSense FeverWarn that stems from the use of unauthenticated MQTT messaging to monitor the device and remotely view sensor data by a user...

7.5CVSS6.9AI score0.00082EPSS
Exploits0References5
Wired Threat Level
Wired Threat Leveladded 2024/01/27 2:0 p.m.14 views

23andMe Failed to Detect Account Intrusions for Months

Plus: North Korean hackers get into generative AI, a phone surveillance tool that can monitor billions of devices gets exposed, and ambient light sensors pose a new privacy risk...

7.4AI score
Exploits0
OSV
OSVadded 2024/01/27 1:15 a.m.2 views

CVE-2023-6482

Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an attacker to set up a TLS session with the fingerprint sensor and send restricted commands to the fingerprint sensor. This may allow an attacker, who has physical access to the sensor, to enroll a...

5.2CVSS5.8AI score0.00072EPSS
Exploits0References1
Prion
Prionadded 2024/01/27 1:15 a.m.12 views

Design/Logic Flaw

Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an attacker to set up a TLS session with the fingerprint sensor and send restricted commands to the fingerprint sensor. This may allow an attacker, who has physical access to the sensor, to enroll a...

3.6CVSS6.8AI score0.00072EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2024/01/27 12:19 a.m.13 views

CVE-2023-6482 Encryption key derived from static host information

Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an attacker to set up a TLS session with the fingerprint sensor and send restricted commands to the fingerprint sensor. This may allow an attacker, who has physical access to the sensor, to enroll a...

5.2CVSS5.4AI score0.00072EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/01/27 12:19 a.m.10 views

CVE-2023-6482 Encryption key derived from static host information

Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an attacker to set up a TLS session with the fingerprint sensor and send restricted commands to the fingerprint sensor. This may allow an attacker, who has physical access to the sensor, to enroll a...

5.2CVSS6.8AI score0.00072EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/01/26 12:0 a.m.3 views

PT-2024-14964 · Synaptics · Synaptics Fingerprint Driver

Name of the Vulnerable Software and Affected Versions: Synaptics Fingerprint Driver affected versions not specified Description: The issue allows an attacker to set up a TLS session with the fingerprint sensor and send restricted commands to it by using an encryption key derived from static...

5.2CVSS5AI score0.00072EPSS
Exploits0References6
Openbugbounty
Openbugbountyadded 2024/01/23 8:20 p.m.4 views

sensor-instruments.de Cross Site Scripting vulnerability OBB-3841788

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OSV
OSVadded 2024/01/19 8:15 p.m.1 views

CVE-2023-29244

Incorrect default permissions in some Intel Integrated Sensor Hub ISH driver for Windows 10 for Intel NUC P14E Laptop Element software installers before version 5.4.1.4479 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS5.8AI score
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/01/19 8:3 p.m.2 views

CVE-2023-29244

Incorrect default permissions in some Intel Integrated Sensor Hub ISH driver for Windows 10 for Intel NUC P14E Laptop Element software installers before version 5.4.1.4479 may allow an authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS8.1AI score0.00037EPSS
Exploits0References1
OSV
OSVadded 2024/01/16 8:15 a.m.0 views

CVE-2023-52110

The sensor module has an out-of-bounds access vulnerability.Successful exploitation of this vulnerability may affect availability...

7.5CVSS5.8AI score0.00063EPSS
Exploits0References2
NVD
NVDadded 2024/01/16 8:15 a.m.11 views

CVE-2023-52110

The sensor module has an out-of-bounds access vulnerability.Successful exploitation of this vulnerability may affect availability...

7.5CVSS7.6AI score0.00063EPSS
Exploits0References2
Prion
Prionadded 2024/01/16 8:15 a.m.19 views

Design/Logic Flaw

The sensor module has an out-of-bounds access vulnerability.Successful exploitation of this vulnerability may affect availability...

5CVSS7.2AI score0.00063EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder