Lucene search
+L

515 matches found

Vulnrichment
Vulnrichment
added 2025/11/26 8:50 a.m.3 views

CVE-2025-59390 Apache Druid: Kerberos authenticaton chooses a cryptographically unsecure secret if not configured explicitly.

Apache Druid’s Kerberos authenticator uses a weak fallback secret when the druid.auth.authenticator.kerberos.cookieSignatureSecret configuration is not explicitly set. In this case, the secret is generated using ThreadLocalRandom, which is not a crypto-graphically secure random number generator...

6.8AI score0.00597EPSS
Exploits0References1
OSV
OSV
added 2025/11/10 6:54 p.m.5 views

MGASA-2025-0272 Updated strongswan packages fix security vulnerability

Buffer Overflow When Handling EAP-MSCHAPv2 Failure Requests. CVE-2025-62291...

8.1CVSS5.8AI score0.00879EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/27 12:0 a.m.4 views

CVE-2025-54970

An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service fails to authenticate requests. In some configurations, this may allow remote or local users to abort jobs or read information without the permissions of the job owner...

6.1AI score0.0023EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.7 views

PT-2025-43990

Name of the Vulnerable Software and Affected Versions BAE SOCET GXP versions prior to 4.6.0.2 Description The SOCET GXP Job Status Service does not properly authenticate requests. This can allow remote or local users to perform actions, such as aborting jobs or reading information, without the...

6.5CVSS6.4AI score0.0023EPSS
Exploits0References4
CVE
CVE
added 2025/10/27 12:0 a.m.23 views

CVE-2025-54970

BAE Systems SOCET GXP prior to version 4.6.0.2 contains a vulnerability in the Job Status Service where requests are not authenticated. In affected configurations, remote or local users may abort jobs or read information without the job owner’s permissions. The issue is documented across multiple...

6.5CVSS6.1AI score0.0023EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.6 views

Siemens SIMATIC ET 200SP Communication Processors Missing Authentication For Critical Function (CVE-2025-40771)

Affected devices do not properly authenticate configuration connections. This could allow an unauthenticated remote attacker to access the configuration data. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900...

9.8CVSS5.5AI score0.00496EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/27 12:0 a.m.7 views

EUVD-2025-36207

An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service fails to authenticate requests. In some configurations, this may allow remote or local users to abort jobs or read information without the permissions of the job owner...

5.9AI score0.0023EPSS
Exploits0References3
NVD
NVD
added 2025/10/23 8:15 p.m.4 views

CVE-2025-55067

The TLS4B ATG system is vulnerable to improper handling of Unix time values that exceed the 2038 epoch rollover. When the system clock reaches January 19, 2038, it resets to December 13, 1901, causing authentication failures and disrupting core system functionalities such as login access, history...

7.1CVSS0.00428EPSS
Exploits0References3
CVE
CVE
added 2025/10/23 7:39 p.m.14 views

CVE-2025-55067

The CVE concerns Veeder-Root TLS4B Automatic Tank Gauge (ATG) System and describes an integer wraparound/overflow when Unix time reaches the 2038 epoch. The core issue is improper handling of times beyond January 19, 2038, causing the system clock to roll back to December 13, 1901. Consequences d...

7.1CVSS6.5AI score0.00428EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/23 7:39 p.m.7 views

CVE-2025-55067 Integer Overflow or Wraparound in Veeder-Root TLS4B Automatic Tank Gauge System

The TLS4B ATG system is vulnerable to improper handling of Unix time values that exceed the 2038 epoch rollover. When the system clock reaches January 19, 2038, it resets to December 13, 1901, causing authentication failures and disrupting core system functionalities such as login access, history...

7.1CVSS0.00428EPSS
Exploits0References3
NVD
NVD
added 2025/10/23 5:15 p.m.5 views

CVE-2025-34155

Tibbo AggreGate Network Manager 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account identifiers. This can...

6.9CVSS0.00647EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/23 4:9 p.m.8 views

EUVD-2025-35702

OctoPrint-SpoolManager is a plugin for managing spools and all their usage metadata. In versions 1.8.0a2 and older of the testing branch and versions 1.7.7 and older of the stable branch, the APIs of the OctoPrint-SpoolManager plugin do not correctly enforce authentication or authorization checks...

8.1CVSS6.5AI score0.00433EPSS
Exploits0References4
OSV
OSV
added 2025/10/23 4:9 p.m.11 views

CVE-2025-62169 OctoPrint-SpoolManager Plugin APIs do not enforce authentication

OctoPrint-SpoolManager is a plugin for managing spools and all their usage metadata. In versions 1.8.0a2 and older of the testing branch and versions 1.7.7 and older of the stable branch, the APIs of the OctoPrint-SpoolManager plugin do not correctly enforce authentication or authorization checks...

8.1CVSS7AI score0.00433EPSS
Exploits0References6
OSV
OSV
added 2025/10/17 2:54 p.m.5 views

OESA-2025-2427 fetchmail security update

Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6, and IPSEC for retrieval...

5.9CVSS7.1AI score0.00384EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-14222

Malware in sbrugna...

10CVSS9.1AI score0.03358EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-4619

Malware in sbrugna...

6.4CVSS6.4AI score0.02166EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2017-7239

Malware in sbrugna...

9.3CVSS7.9AI score0.00874EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2020-30349

Malware in sbrugna...

7.5CVSS7.5AI score0.01356EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-7935

Malware in sbrugna...

5.9CVSS7.4AI score0.14225EPSS
Exploits1References20
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2009-1821

Malware in sbrugna...

6.5CVSS6.4AI score0.02086EPSS
Exploits1References5
Rows per page
Query Builder