CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

CNNVD•added 2023/12/12 12:0 a.m.•2 views

ProLion CryptoSpike Security Vulnerability

ProLion CryptoSpike is ProLion's solution for detecting and combating suspicious activity. A security vulnerability exists in ProLion CryptoSpike version 3.0.15P2 that stems from hidden and hard-coded credentials...

7.2CVSS6.9AI score0.00279EPSS

Exploits1References2

CNNVD•added 2023/12/12 12:0 a.m.•1 views

ProLion CryptoSpike Security Vulnerability

6.5CVSS6.9AI score0.0022EPSS

Exploits1References2

CNNVD•added 2023/12/12 12:0 a.m.•3 views

ProLion CryptoSpike Security Vulnerability

7.5CVSS7AI score0.00073EPSS

Exploits1References2

CNNVD•added 2023/12/12 12:0 a.m.•2 views

ProLion CryptoSpike Security Vulnerability

8.2CVSS7AI score0.00591EPSS

Exploits1References2

CNNVD•added 2023/12/12 12:0 a.m.•3 views

ProLion CryptoSpike Security Vulnerability

ProLion CryptoSpike is ProLion's solution for detecting and combating suspicious activity. A security vulnerability exists in ProLion CryptoSpike version 3.0.15P2 that originates from the insertion of sensitive information in a centralized Grafana logging system...

9.1CVSS6.5AI score0.00103EPSS

Exploits1References2

Positive Technologies•added 2023/12/11 12:0 a.m.•2 views

PT-2023-25654 · Prolion · Prolion Cryptospike

Name of the Vulnerable Software and Affected Versions: ProLion CryptoSpike version 3.0.15P2 Description: A missing integrity check in the update system allows attackers to execute OS commands as the root Linux user on the host system via forged update packages. Recommendations: For ProLion...

7.2CVSS7.2AI score0.00061EPSS

Exploits1References5

Positive Technologies•added 2023/12/11 12:0 a.m.•2 views

PT-2023-25656 · Prolion · Prolion Cryptospike

Name of the Vulnerable Software and Affected Versions: ProLion CryptoSpike version 3.0.15P2 Description: A SQL Injection issue exists in the users searching REST API endpoint, allowing remote authenticated attackers to read database data via SQL commands injected in the search parameter...

4.3CVSS4.9AI score0.00052EPSS

Exploits1References5

Positive Technologies•added 2023/12/11 12:0 a.m.•3 views

PT-2023-25655 · Prolion · Prolion Cryptospike

Name of the Vulnerable Software and Affected Versions: ProLion CryptoSpike version 3.0.15P2 Description: The issue concerns hidden and hard-coded credentials in the software, allowing remote attackers to login to web management as a super-admin. This access enables the consumption of the most...

7.2CVSS6.9AI score0.00279EPSS

Exploits1References5

Positive Technologies•added 2023/12/11 12:0 a.m.•3 views

PT-2023-25650 · Prolion · Prolion Cryptospike

Name of the Vulnerable Software and Affected Versions: ProLion CryptoSpike version 3.0.15P2 Description: A hard-coded cryptographic private key used to sign JWT authentication tokens allows remote attackers to impersonate arbitrary users and roles in web management and REST API endpoints via...

7.5CVSS7.7AI score0.00073EPSS

Exploits1References6

CNNVD•added 2023/12/06 12:0 a.m.•4 views

ProLion CryptoSpike Security Vulnerability

ProLion CryptoSpike is ProLion's solution for detecting and combating suspicious activity. A security vulnerability exists in ProLion CryptoSpike version 3.0.15P2, which stems from a vulnerability that allows a remotely blocked user to log in and obtain an authentication token by specifying a...

9.8CVSS9.4AI score0.00106EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by