Lucene search
+L

408 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:15 a.m.3 views

SUSE CVE-2006-2224

RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets...

5CVSS7.2AI score0.10358EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:22 a.m.3 views

SUSE CVE-2018-18505

An earlier fix for an Inter-process Communication IPC vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the...

8.8CVSS9.1AI score0.04538EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 2023/02/15 12:0 a.m.8 views

PT-2023-2270 · Solarwinds · Solarwinds Server/Application Monitor

Name of the Vulnerable Software and Affected Versions: Solarwinds Server & Application Monitor affected versions not specified Description: The issue is related to weaknesses in the authentication procedure, allowing a remote attacker to bypass authentication and access confidential information...

7.8CVSS7.5AI score0.00754EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2023/02/10 12:0 a.m.10 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab allows a hacker to circumvent security restrictions.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to shortcomings in the authentication process when managing keys and tokens using deployment scripts. Exploiting this vulnerability allows a malicious actor to circumvent security...

9.4CVSS6AI score0.0089EPSS
Exploits0References8Affected Software1
RedHat Linux
RedHat Linux
added 2023/02/08 6:41 p.m.7 views

plugin: Lack of authentication mechanism in Git Plugin webhook

A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit...

7.5CVSS5.8AI score0.05563EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/02/06 12:0 a.m.7 views

The vulnerability of TP-Link SG105PE microcontroller software, related to deficiencies in authentication procedures, allows attackers to bypass the authentication process.

The vulnerability of TP-Link SG105PE switch’s microprogramming software is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process remotely...

4.2CVSS6.4AI score0.00945EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/01/23 12:0 a.m.9 views

The vulnerability of the web interface of the microprogramming software for Cisco IP Phones 7800 and Cisco IP Phone 8800 allows a malicious individual to gain unauthorized access to protected information and enhance their privileges.

The vulnerability of the web interface of Cisco IP Phones 7800 and 8800 microprogramming software is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow unauthorized actors to gain unauthorized access to protected information and increase their privileges...

9CVSS6.6AI score0.00613EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/01/03 12:0 a.m.8 views

The vulnerability of Citrix ADC application delivery controllers (formerly known as Citrix NetScaler Application Delivery Controller), as well as Citrix Gateway access control systems (formerly known as Citrix NetScaler Gateway), stems from insufficient verification of data authenticity. This allows attackers to gain access to servers configured in RDP proxy mode.

The vulnerability of Citrix ADC application delivery controllers formerly known as Citrix NetScaler Application Delivery Controller and Citrix Gateway access control systems formerly known as Citrix NetScaler Gateway is related to insufficient data authentication checks. Exploiting this...

10CVSS8AI score0.00275EPSS
Exploits0References3Affected Software2
Positive Technologies
Positive Technologies
added 2022/12/22 12:0 a.m.7 views

PT-2022-7107 · Ibm · Ibm Security Verify Governance

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Governance, Identity Manager version 10.0.1 Description: The issue is related to weaknesses in the authentication procedure of the Identity Manager component, which could allow an authenticated user to modify or cancel any...

5.9CVSS5.1AI score0.00366EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/12/14 12:0 a.m.10 views

The vulnerability of the implementation of the AAA TACACS+ protocol in the Brocade Fabric OS operating system allows a intruder to trigger a service failure.

The vulnerability of the aaa tacacs+ protocol implementation in the Brocade Fabric OS operating system is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

5.3CVSS5.9AI score0.00905EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.21 views

The vulnerability of the RDP server FreeRDP, related to deficiencies in the authentication process, allows attackers to bypass the authentication process.

The vulnerability of the RDP server FreeRDP is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process remotely...

10CVSS7.4AI score0.02265EPSS
Exploits0References20Affected Software8
BDU FSTEC
BDU FSTEC
added 2022/11/21 12:0 a.m.16 views

The vulnerability of the Home Network Administration Protocol (HNAP) implementation in D-Link DIR-1935 router microsoftware allows a hacker to circumvent security restrictions.

The vulnerability of the Home Network Administration Protocol HNAP implementation in D-Link DIR-1935 router microprogramming software is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to circumvent security restrictions remotely...

8.8CVSS7.5AI score0.01052EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/10 12:0 a.m.11 views

PT-2022-24213 · Unknown · Upsmon Pro

Name of the Vulnerable Software and Affected Versions: UPSMON Pro affected versions not specified Description: The UPSMON Pro login function has insufficient authentication, allowing an unauthenticated remote attacker to bypass authentication and gain administrator privileges to access, control t...

9.8CVSS9.8AI score0.01034EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/11/09 12:0 a.m.3 views

Cisco Adaptive Security Appliance(ASA)Software和Cisco Firepower Threat Defense(FTD)Software 安全漏洞

Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliance are both products of Cisco Corporation.Cisco Firepower Threat Defense is a suite of unified software that provides next-generation firewall services. Cisco Adaptive Security Appliance is a network appliance. It is used to...

5.8CVSS6AI score0.00683EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2022/10/20 12:0 a.m.6 views

CVE-2022-37298

Shinken Solutions Shinken Monitoring Version 2.4.3 affected is vulnerable to Incorrect Access Control. The SafeUnpickler class found in shinken/safepickle.py implements a weak authentication scheme when unserializing objects passed from monitoring nodes to the Shinken monitoring server...

9.6AI score0.01991EPSS
Exploits2References2
BDU FSTEC
BDU FSTEC
added 2022/10/11 12:0 a.m.4 views

The vulnerability of the SMTP server of the SuiteCRM system, which manages customer relationships, allows attackers to compromise the integrity of the protected information.

The vulnerability of the SMTP server of the SuiteCRM system for managing customer relationships is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information...

6.8CVSS5.5AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/10/06 12:0 a.m.5 views

The vulnerability of the Valmet System 2019 software suite (Metso DNA) lies in the lack of authentication for a critical function, allowing a perpetrator to execute arbitrary codes.

The vulnerability of the Valmet System 2019 software suite Metso DNA is related to the lack of authentication for a critical function. Exploiting this vulnerability allows a remote attacker to execute any code on the server...

10CVSS5.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/10/04 12:0 a.m.8 views

The vulnerability of Xen hypervisors, related to deficiencies in the authorization process, allows attackers to gain unauthorized access to protected information.

The vulnerability of Xen hypervisors is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

8.8CVSS7.6AI score0.00304EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.13 views

The vulnerability of the Corosync/Pacemaker PCS configuration tool is related to deficiencies in the authentication process, which allows attackers to escalate their privileges.

The vulnerability of the Corosync/Pacemaker PCS configuration tool is related to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

9CVSS7.2AI score0.01825EPSS
Exploits1References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/08/26 12:0 a.m.7 views

The vulnerability of the API component of the Cisco ACI Multi-Site Orchestrator (MSO) allows a attacker to increase their privileges.

The vulnerability of the API component of the Cisco ACI Multi-Site Orchestrator MSO is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain increased privileges...

10CVSS7.6AI score0.01018EPSS
Exploits0References2
Rows per page
Query Builder