Lucene search
K

5 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.44 views

K38271531: BIG-IP and BIG-IQ SCP vulnerability CVE-2022-26340

Security Advisory Description An authenticated, high-privileged attacker with no bash access may be able to access Certificate and Key files using Secure Copy SCP protocol from a remote system. CVE-2022-26340 Impact This vulnerability may allow an authenticated, high-privileged attacker who has...

4.9CVSS5.6AI score0.00435EPSS
Exploits0Affected Software14
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.3 views

SUSE CVE-2013-1652

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users with a valid certificate and private key to read arbitrary catalogs or poison the master's cache via unspecified vectors...

4.9CVSS6.8AI score0.01859EPSS
Exploits0References5
CNVD
CNVD
added 2022/05/07 12:0 a.m.29 views

F5 BIG-IP multiple products have unspecified vulnerabilities

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing, etc. Several F5 BIG-IP products have security vulnerabilities that can be exploited by attackers to access certificate and key files from remote...

4.9CVSS3.1AI score0.00435EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2019/06/04 3:42 p.m.31 views

Sensitive Data Exposure in pem

Versions of pem before 1.13.2 expose sensitive data when the readPkcs12 is used. The readPkcs12 function reads the certificate and key data from a pkcs12 file using the encryption password. As part of this process it creates a globally readable file with a filename of 20 random 0-f characters in...

2.8AI score
Exploits0References5Affected Software1
OSV
OSV
added 2013/03/20 4:55 p.m.1 views

DEBIAN-CVE-2013-1652

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users with a valid certificate and private key to read arbitrary catalogs or poison the master's cache via unspecified vectors...

4.9CVSS6.8AI score0.01859EPSS
Exploits0References1
Rows per page
Query Builder