40 matches found
EUVD-2007-4343
Malware in sbrugna...
EUVD-2020-24681
Malware in sbrugna...
EUVD-2020-8064
Malware in sbrugna...
EUVD-2025-12152
Malicious code in bioql PyPI...
EUVD-2023-53242
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-16421
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Several buffer overflows when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by...
NIH BRICS 14.0.0-67 Predictable Tokens
NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 generates predictable tokens (that depend on username, time, and the fixed 7Dl9#dj- string) and thus allows unauthenticated users with a Common Access Card (CAC) to escalate privileges and compromise any account, includin...
CVE-2022-40633
A malicious actor can clone access cards used to open control cabinets secured with Rittal CMC III locks...
CVE-2025-27580
NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 generates predictable tokens (that depend on username, time, and the fixed 7Dl9#dj- string) and thus allows unauthenticated users with a Common Access Card (CAC) to escalate privileges and compromise any account, includin...
CVE-2025-27580
CVE-2025-27580 affects NIH BRICS (Biomedical Research Informatics Computing System) up to version 14.0.0-67. The issue is that token generation is predictable, depending on the user’s username, time, and a fixed string (7Dl9#dj-), which enables unauthenticated users with a CAC to escalate privile...
CVE-2020-16098
It is possible to enumerate access card credentials via an unauthenticated network connection to the server in versions of Command Centre v8.20 prior to v8.20.1166MR3, versions of 8.10 prior to v8.10.1211MR5, versions of 8.00 prior to v8.00.1228MR6, all versions of 7.90 and earlier. These...
CVE-2021-47369
CVE-2021-47369 — Linux kernel (s390/qeth): The issue is a NULL dereference in qeth_clear_working_pool_list() triggered when qeth_set_online() rolls back after an error in qeth_hardsetup_card(), before card->qdio.in_q has been allocated by qeth_alloc_qdio_queues() via qeth_mpc_initialize(). Thi...
Cisco Firepower Management Center Software Common Access Card Authentication Bypass (cisco-sa-fmc-cacauthbyp-NCLGZm3Q)
According to its self-reported version, Cisco Firepower Management Center is affected by a vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower Management Center (FMC) Software that could allow an unauthenticated, remote attacker to bypass authentication and access the F...
opensc: Improper handling of buffer limits for CAC certificates
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-cac1.c mishandles buffer limits for CAC certificates...
CVE-2020-3410
A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system. The attacker must have a valid CAC to initiate the access attempt. The...
Authentication flaw
A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system. The attacker must have a valid CAC to initiate the access attempt. The...
CVE-2020-3410
CVE-2020-3410 affects Cisco Firepower Management Center (FMC) Software CAC authentication: vulnerability in session invalidation that allows an unauthenticated, remote attacker with a valid CAC to bypass authentication and access FMC with the privileges of a CAC-authenticated user currently logge...