Lucene search
K

51 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:1 a.m.10 views

CVE-2023-25183

In Snap One OvrC Pro versions prior to 7.2, when logged into the superuser account, a new functionality appears that could allow users to execute arbitrary commands on the hub device...

8.3CVSS7.7AI score0.00632EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.6 views

CVE-2023-31240

Snap One OvrC Pro versions prior to 7.2 have their own locally running web server accessible both from the local network and remotely. OvrC cloud contains a hidden superuser account accessible through hard-coded credentials...

9.8CVSS6.7AI score0.00539EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:57 a.m.4 views

CVE-2023-31245

Devices using Snap One OvrC cloud are sent to a web address when accessing a web management interface using a HTTP connection. Attackers could impersonate a device and supply malicious information about the device’s web server interface. By supplying malicious parameters, an attacker could redire...

7.1CVSS6.7AI score0.0039EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:57 a.m.10 views

CVE-2023-31241

Snap One OvrC cloud servers contain a route an attacker can use to bypass requirements and claim devices outright...

10CVSS7.1AI score0.00764EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-32108

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00482EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-35560

Malicious code in bioql PyPI...

7.1CVSS6.4AI score0.0039EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-29147

Malicious code in bioql PyPI...

8.3CVSS7AI score0.00632EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-32082

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.00419EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-32310

Malicious code in bioql PyPI...

8.6CVSS8.7AI score0.00517EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-45182

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.00542EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:47 a.m.8 views

CVE-2024-50380

Snap One OVRC cloud uses the MAC address as an identifier to provide information when requested. An attacker can impersonate other devices by supplying enumerated MAC addresses and receive sensitive information about the device...

8.7CVSS6.6AI score0.0048EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:48 a.m.7 views

CVE-2023-31193

Snap One OvrC Pro versions prior to 7.3 use HTTP connections when downloading a program from their servers. Because they do not use HTTPS, OvrC Pro devices are susceptible to exploitation...

7.5CVSS6.9AI score0.00383EPSS
Exploits0References1
NVD
NVD
added 2024/12/02 5:15 p.m.22 views

CVE-2024-50381

A vulnerability exists in Snap One OVRC cloud where an attacker can impersonate a Hub device and send requests to claim and unclaim devices. The attacker only needs to provide the MAC address of the targeted device and can make a request to unclaim it from its original connection and make a reque...

8.8CVSS0.00542EPSS
Exploits0References1
NVD
NVD
added 2024/12/02 5:15 p.m.13 views

CVE-2024-50380

Snap One OVRC cloud uses the MAC address as an identifier to provide information when requested. An attacker can impersonate other devices by supplying enumerated MAC addresses and receive sensitive information about the device...

8.7CVSS0.0048EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/02 4:34 p.m.21 views

CVE-2024-50381 Missing Authentication for Critical Function in Snap One OVRC cloud

A vulnerability exists in Snap One OVRC cloud where an attacker can impersonate a Hub device and send requests to claim and unclaim devices. The attacker only needs to provide the MAC address of the targeted device and can make a request to unclaim it from its original connection and make a reque...

8.8CVSS0.00542EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/02 4:34 p.m.13 views

CVE-2024-50381 Missing Authentication for Critical Function in Snap One OVRC cloud

A vulnerability exists in Snap One OVRC cloud where an attacker can impersonate a Hub device and send requests to claim and unclaim devices. The attacker only needs to provide the MAC address of the targeted device and can make a request to unclaim it from its original connection and make a reque...

8.8CVSS6.8AI score0.00542EPSS
Exploits0References1
CVE
CVE
added 2024/12/02 4:34 p.m.49 views

CVE-2024-50381

CVE-2024-50381 affects Snap One OvrC Cloud. The Red Hat/NVD/ICS data show the issue: an attacker can impersonate a hub and send requests to claim/unclaim devices using the MAC address, enabling remote access/control within OvrC Pro. Affected product: OvrC Pro (all versions before 7.3). Impact and...

8.8CVSS6.5AI score0.00542EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/02 4:34 p.m.12 views

CVE-2024-50380 Authentication Bypass by Spoofing in Snap One OVRC cloud

Snap One OVRC cloud uses the MAC address as an identifier to provide information when requested. An attacker can impersonate other devices by supplying enumerated MAC addresses and receive sensitive information about the device...

8.7CVSS6.6AI score0.0048EPSS
Exploits0References1
CVE
CVE
added 2024/12/02 4:34 p.m.54 views

CVE-2024-50380

CVE-2024-50380 affects Snap One OvrC cloud where MAC addresses are used as identifiers to disclose device information. Affected component: OvrC cloud platform; vulnerability path allows an attacker to impersonate other devices by supplying enumerated MAC addresses and receive sensitive device inf...

8.7CVSS6.3AI score0.0048EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/02 4:34 p.m.21 views

CVE-2024-50380 Authentication Bypass by Spoofing in Snap One OVRC cloud

Snap One OVRC cloud uses the MAC address as an identifier to provide information when requested. An attacker can impersonate other devices by supplying enumerated MAC addresses and receive sensitive information about the device...

8.7CVSS0.0048EPSS
Exploits0References1
Rows per page
Query Builder