Lucene search
K

128 matches found

Positive Technologies
Positive Technologies
added 2025/09/26 12:0 a.m.9 views

PT-2025-39470

Name of the Vulnerable Software and Affected Versions Unitree Go2, G1, H1, and B2 devices through 2025-09-20 Description The devices decrypt Bluetooth Low Energy BLE packet data using a fixed key df98b715d5c6ed2b25817b6f2554124a and Initialization Vector IV 2841ae97419c2973296a0d4bdfe19a4f. This...

4.7CVSS6.5AI score0.00177EPSS
Exploits0References9
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-10751 Malicious code in @zalastax/nolb-b2 (npm)

The package @zalastax/nolb-b2 was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-9797 Malicious code in @zalastax/nolb-_b2 (npm)

The package @zalastax/nolb-b2 was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in @zalastax/nolb-b2 (npm)

The package @zalastax/nolb-b2 was found to contain malicious code...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 1:14 a.m.7 views

CVE-2022-23651

b2-sdk-python is a python library to access cloud storage provided by backblaze. Linux and Mac releases of the SDK version 1.14.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use TOCTOU race...

4.7CVSS6AI score0.00214EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/26 12:0 a.m.3 views

PT-2024-38851 · Ruijie · Ruijie Eg2000K

Name of the Vulnerable Software and Affected Versions: Ruijie EG2000K version 11.16B2 Description: A critical issue has been found, affecting unknown code of the file /tool/index.php?c=download&a=save. The manipulation of the content argument leads to unrestricted upload. The attack can be...

5.8CVSS5.2AI score0.00677EPSS
Exploits1References12
Openbugbounty
Openbugbounty
added 2023/12/25 2:17 a.m.5 views

editions-b2.com Improper Access Control vulnerability OBB-3822051

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.5 views

PT-2022-24474

Name of the Vulnerable Software and Affected Versions Teleport versions 3.2.2 through 3.6.3-b2 Description The issue is an information leak via the "/user/get-role-list" web interface. This leak was discovered in the specified versions of Teleport. There is no information provided about the...

6.5CVSS6.5AI score0.00803EPSS
Exploits1References8
CNNVD
CNNVD
added 2022/12/08 12:0 a.m.4 views

Teleport 安全漏洞

Teleport is an identity-aware, multi-protocol access agent from Teleport, Inc. Used by engineers and security professionals to unify access to SSH servers, Kubernetes clusters, web applications and databases across all environments. A security vulnerability exists in Teleport versions v3.2.2,...

6.5CVSS6.4AI score0.00803EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2022/08/01 12:0 a.m.8 views

Fedora: Security Advisory for restic (FEDORA-2022-5038c3236c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2022/07/31 1:37 a.m.20 views

[SECURITY] Fedora 36 Update: restic-0.12.1-4.fc36

A backup program that is easy, fast, verifiable, secure, efficient and free. Backup destinations can be: Local SFTP REST Server Amazon S3 Minio Server OpenStack Swift Backblaze B2 Microsoft Azure Blob Storage Google Cloud Storage Other Services via rclone...

2.3AI score
Exploits0
OpenVAS
OpenVAS
added 2022/07/14 12:0 a.m.19 views

Fedora: Security Advisory for restic (FEDORA-2022-ba365d3703)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.9AI score0.05416EPSS
Exploits4References2
Fedora
Fedora
added 2022/07/13 2:0 a.m.41 views

[SECURITY] Fedora 36 Update: restic-0.12.1-3.fc36

A backup program that is easy, fast, verifiable, secure, efficient and free. Backup destinations can be: Local SFTP REST Server Amazon S3 Minio Server OpenStack Swift Backblaze B2 Microsoft Azure Blob Storage Google Cloud Storage Other Services via rclone...

9.3CVSS2.3AI score0.05416EPSS
Exploits4
OSV
OSV
added 2022/02/24 1:11 p.m.26 views

GHSA-8WR4-2WM6-W3PR B2 Command Line Tool TOCTOU application key disclosure

Impact Linux and Mac releases of the B2 command-line tool version 3.2.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use TOCTOU race condition. The command line tool saves API keys and bucket...

5.7CVSS4.2AI score0.00206EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/02/24 1:11 p.m.25 views

B2 Command Line Tool TOCTOU application key disclosure

Impact Linux and Mac releases of the B2 command-line tool version 3.2.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use TOCTOU race condition. The command line tool saves API keys and bucket...

4.7CVSS0.7AI score0.00206EPSS
Exploits0References5Affected Software1
vulnersOsv
vulnersOsv
added 2022/02/24 12:8 p.m.3 views

django-b2 (>=0.1.4 <=0.7.0), mdid (=3.6.0) potentially affected by CVE-2022-23651 via b2sdk (>=0.1.6 <=1.0.2)

b2sdk PYPI version =0.1.6, =0.1.4, =0.7.0 - mdid =3.6.0 Source cves: CVE-2022-23651 Source advisory: OSV:GHSA-P867-FXFR-PH2W...

4.7CVSS5.8AI score0.00214EPSS
Exploits0
OSV
OSV
added 2022/02/24 12:8 p.m.37 views

GHSA-P867-FXFR-PH2W b2-sdk-python TOCTOU application key disclosure

Impact Linux and Mac releases of the SDK version 1.14.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use TOCTOU race condition. SDK users of the SqliteAccountInfo format are vulnerable while users...

5.7CVSS4.3AI score0.00214EPSS
Exploits0References6
Veracode
Veracode
added 2022/02/24 11:4 a.m.27 views

Time-of-check-time-of-use (TOCTOU)

b2 is vulnerable to time-of-check-time-of-use. A local attacker is able to read the contents of the local database file where API keys are saved when b2 authorize-accounto is first run, resulting in sensitive information disclosure via race condition...

4.7CVSS3AI score0.00206EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/02/23 11:15 p.m.46 views

CVE-2022-23651

b2-sdk-python is a python library to access cloud storage provided by backblaze. Linux and Mac releases of the SDK version 1.14.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use TOCTOU race...

4.7CVSS0.00214EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/02/23 11:15 p.m.4 views

django-b2 (>=0.1.4 <=0.7.0), mdid (=3.6.0) potentially affected by CVE-2022-23651 via b2sdk (>=0.1.6 <=1.0.2)

b2sdk PYPI version =0.1.6, =0.1.4, =0.7.0 - mdid =3.6.0 Source cves: CVE-2022-23651 Source advisory: OSV:PYSEC-2022-33...

4.7CVSS5.8AI score0.00214EPSS
Exploits0
Rows per page
Query Builder