Lucene search
+L

408 matches found

CNNVD
CNNVD
added 2024/05/21 12:0 a.m.40 views

GNOME Remote desktop 安全漏洞

GNOME Remote desktop is a remote desktop software from GNOME open source. A security vulnerability exists in GNOME Remote desktop that stems from insufficient authentication of the session agent, resulting in the system RDP TLS certificates and keys being potentially exposed to unauthorized users...

7.5CVSS7.5AI score0.00569EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/07 12:0 a.m.3 views

Knowbe4 Phish Alert Button 安全漏洞

Knowbe4 Phish Alert Button is an application from Knowbe4, Inc. A security vulnerability exists in Knowbe4 Phish Alert Button, which stems from insufficient domain authentication and could lead to remote code execution by Outlook PAB via DNS spoofing...

6CVSS6.3AI score0.00374EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/07 12:0 a.m.10 views

PT-2024-7445 · Samsung · Samsung Android

Name of the Vulnerable Software and Affected Versions: Samsung Android mobile devices affected versions not specified Samsung Android mobile devices versions prior to SMR May-2024 Release 1 Description: The issue is related to weaknesses in the authentication procedure of the bootloader component...

7.2CVSS7.3AI score0.00317EPSS
Exploits1References18
BDU FSTEC
BDU FSTEC
added 2024/05/01 12:0 a.m.8 views

The vulnerability of the wpa_check_authentication() function in the Analytify plugin of the WordPress content management system allows a hacker to modify the Google Analytics tracking identifier of the website.

The vulnerability of the wpacheckauthentication function in the Analytify plugin of the WordPress content management system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to modify the Google Analytics tracking identifier of t...

5.3CVSS5.4AI score0.00435EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/25 12:0 a.m.12 views

The vulnerability of the Open vSwitch (OvS) multi-level switch lies in insufficient data authentication, which allows attackers to redirect ICMPv6 traffic to arbitrary IP addresses.

The vulnerability of the Open vSwitch OvS multi-level switch lies in insufficient verification of data authenticity. Exploiting this vulnerability allows an attacker to redirect ICMPv6 traffic to arbitrary IP addresses...

5.5CVSS6.6AI score0.00389EPSS
Exploits0References13Affected Software8
BDU FSTEC
BDU FSTEC
added 2024/04/18 12:0 a.m.8 views

The vulnerability of the NTPSyncWithHost function in TOTOLINK EX200 router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the NTPSyncWithHost function in TOTOLINK EX200 router microprogramming software is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the hostTime parameter...

5.3CVSS6AI score0.01368EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2024/04/16 6:13 a.m.7 views

WordPress SP Project & Document Manage plugin <= 4.71 - Auth. SQL Injection vulnerability

Auth. SQL Injection vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin SP Project & Document Manager versions = 4.71...

7.6CVSS8.1AI score0.00486EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/13 12:0 a.m.13 views

PT-2024-3358 · Netcat · Netcat

Name of the Vulnerable Software and Affected Versions: Netcat affected versions not specified Description: The issue is related to weaknesses in the authentication mechanism of the Netcat CMS system. Exploitation of this issue may allow a remote attacker to gain access to protected information...

7.1CVSS7.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/04/10 12:0 a.m.6 views

The vulnerability of Zoom’s video conferencing software, related to deficiencies in authentication procedures, allows attackers to disclose protected information.

The vulnerability of Zoom, a video conferencing software, is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to disclose protected information...

6.1CVSS5.5AI score0.00531EPSS
Exploits0References2Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/04/08 12:0 a.m.13 views

The vulnerability of the SSH library wolfSSH, related to deficiencies in authentication procedures, allows attackers to circumvent existing security restrictions.

The vulnerability of the SSH library wolfSSH is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions remotely...

9.4CVSS5.5AI score0.00628EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/03 12:0 a.m.8 views

The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) of JetBrains TeamCity, related to deficiencies in the authentication mechanism, allows a hacker to register arbitrary users in the system.

The vulnerability of the Continuous Integration and Deployment Application Delivery system CI/CD of JetBrains TeamCity is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor, operating remotely, to register arbitrary users in the...

6.8CVSS5.6AI score0.00428EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/01 12:0 a.m.6 views

PT-2024-5662 · Korenix · Korenix Jetport +1

Name of the Vulnerable Software and Affected Versions: Korenix JetPort versions 1.2 and earlier Korenix JetPort 5601v3 versions through 1.2 Description: The issue is related to weaknesses in the authentication procedure of the Korenix JetPort serial device server. It may allow a remote attacker t...

10CVSS7.6AI score0.00898EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2024/03/25 12:0 a.m.5 views

The vulnerability of the Siemens Siveillance Control software for video surveillance and security systems, related to authentication mechanisms that lack sufficient protection, allows attackers to gain access to objects for which they only have read-only rights.

The vulnerability of the Siemens Siveillance Control software for video surveillance and security systems is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an intruder to gain access to objects for which they only have read-only permissions...

5.5CVSS6AI score0.00142EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/03/19 12:0 a.m.6 views

The vulnerability of the Podlove Web Player plugin in the WordPress content management system, related to deficiencies in the authentication process, allows attackers to compromise the integrity and confidentiality of protected information.

The vulnerability of the Podlove Web Player plugin in the WordPress content management system is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to compromise the integrity and confidentiality of the protected information...

6.5CVSS6.6AI score
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/12 12:0 a.m.7 views

PT-2024-6652 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: ColdFusion versions 2023.6, 2021.12 and earlier Description: The issue is related to weaknesses in the authentication procedure of the ColdFusion platform. This can be exploited by a remote attacker to gain unauthorized access and escalate...

7.8CVSS7.6AI score0.00601EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/03/05 12:0 a.m.8 views

PT-2024-2048 · Aruba · Arubaos

Name of the Vulnerable Software and Affected Versions: ArubaOS affected versions not specified Description: The issue is related to certain configurations of ArubaOS that can lead to partial disclosure of sensitive information in the IKE AUTH negotiation process. The scenarios in which disclosure...

3.7CVSS7.2AI score0.00326EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/02/22 12:0 a.m.8 views

The vulnerability of the BMC implementation for Intel Server Product OpenBMC-based servers stems from deficiencies in the authentication process, allowing attackers to escalate their privileges.

The vulnerability of the BMC implementation for Intel Server Product OpenBMC-based servers is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges...

5.2CVSS5.9AI score0.00213EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/02/21 12:0 a.m.6 views

The vulnerability of the LoginWindow component in the macOS operating system, which allows a hacker to disclose protected information

The vulnerability of the LoginWindow component in the macOS operating system is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to disclose sensitive information that is protected by security measures...

5.5CVSS6.5AI score0.00214EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/20 12:0 a.m.10 views

The vulnerability of microprogrammed software in Rosemount GC370XA, GC700XA, and GC1500XA gas chromatographs is caused by deficiencies in the authentication process, which allows unauthorized access to confidential information or causes service failures.

The vulnerability of microprogrammed software in Rosemount GC370XA, GC700XA, and GC1500XA gas chromatographs is related to deficiencies in the authentication process. Exploiting this vulnerability can allow unauthorized individuals to access confidential information or cause service failures...

9.4CVSS8AI score0.00471EPSS
Exploits0References5Affected Software3
Positive Technologies
Positive Technologies
added 2024/02/14 12:0 a.m.5 views

PT-2024-1781 · Intel · Openbmc

Name of the Vulnerable Software and Affected Versions: Intel Server Product OpenBMC versions prior to egs-1.09 Description: The issue is related to improper authentication in the OpenBMC firmware, which may allow an authenticated user to escalate their privileges via local access. This is due to...

5.2CVSS5.2AI score0.00213EPSS
Exploits0References4
Rows per page
Query Builder