956 matches found

ATTACKERKB
added 2022/07/12 2:15 p.m., 1 view

CVE-2022-35321

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...

5.8 AI score
Exploits: 0, References: 1

BDU FSTEC
added 2022/07/06 12:0 a.m., 6 views

The vulnerability of the display functions for hash functions of the application, as well as the export of audit logs and software for marking ballots with the ImageCast X device, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the hashing functions in software for ImageCast X labeling devices relates to changes in certification data or measurement reports. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

8.6 CVSS, 5.5 AI score, 0.00227 EPSS
Exploits: 0, References: 5, Affected Software: 1

The Hacker News
added 2022/06/18 6:20 a.m., 21 views

Learn Cybersecurity with Palo Alto Networks Through this PCCSA Course @ 93% OFF

In the world of cybersecurity, reputation is everything. Most business owners have little understanding of the technical side, so they have to rely on credibility. Founded back in 2005, Palo Alto Networks is a cybersecurity giant that has earned the trust of the business community thanks to its...

0.6 AI score
Exploits: 0

CNVD
added 2022/06/13 12:0 a.m., 27 views

Powertek PDU Certification Bypass Vulnerability

Powertek, a company that manufactures data center-grade intelligent PDUs (power distribution units, or heavy-duty power cords for server racks), has an authentication bypass vulnerability that can be exploited by an attacker to bypass active session authorization checks. It can then be used to gain...

9.8 CVSS, 4.6 AI score, 0.13425 EPSS
Exploits: 1, References: 1

NVD
added 2022/05/17 8:15 a.m., 18 views

CVE-2013-10001

A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used...

5.9 CVSS, 0.00581 EPSS
Exploits: 0, References: 2

Prion
added 2022/05/17 8:15 a.m., 12 views

Design/Logic Flaw

A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used...

4.3 CVSS, 6.9 AI score, 0.00581 EPSS
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2022/05/17 7:30 a.m., 18 views

CVE-2013-10001 HTC One/Sense Mail Client certificate validation

A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used...

4.8 CVSS, 5.7 AI score, 0.00581 EPSS
Exploits: 0, References: 2

Vulnrichment
added 2022/05/17 7:30 a.m., 6 views

CVE-2013-10001 HTC One/Sense Mail Client certificate validation

A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used...

4.8 CVSS, 5.9 AI score, 0.00581 EPSS
Exploits: 0, References: 2

CVE
added 2022/05/17 7:30 a.m., 57 views

CVE-2013-10001

CVE-2013-10001 affects HTC One/Sense 4.x: the mail client’s certificate validation is flawed. An exploit has been disclosed publicly and may be used, indicating a vulnerability in how the mail client handles server credentials. No further technical details are provided in the supplied documents.

5.9 CVSS, 5.3 AI score, 0.00581 EPSS
Exploits: 0, References: 2

OSV
added 2022/05/17 3:17 a.m., 22 views

GHSA-P9WQ-MJH8-Q72M OpenStack keystonemiddleware and python-keystoneclient vulnerable to man-in-the-middle attacks

The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct...

8.7 CVSS, 7.2 AI score, 0.02586 EPSS
Exploits: 0, References: 14

Github Security Blog
added 2022/05/17 3:17 a.m., 30 views

OpenStack keystonemiddleware and python-keystoneclient vulnerable to man-in-the-middle attacks

The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct...

4.3 CVSS, 6.9 AI score, 0.02586 EPSS
Exploits: 0, References: 15, Affected Software: 2

OSV
added 2022/05/17 1:36 a.m., 7 views

GHSA-8823-XPHR-QW9V Gentoo Portage does not verify X.509 certificates from SSL servers

The urlopen function in pym/portage/util/urlopen.py in Gentoo Portage 2.1.12, when using HTTPS, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and modify binary package lists via a crafted certificate...

9.3 CVSS, 6.1 AI score, 0.01557 EPSS
Exploits: 1, References: 8

Malwarebytes
added 2022/05/16 1:7 p.m., 22 views

Why MRG-Effitas matters to SMBs

When selecting the right cybersecurity vendor to protect their operations, small- and medium-sized businesses (SMBs) can lean on several third-party research organizations that analyze which cybersecurity products can best prevent, detect, and clean up various types of cyberattacks today. But these...

7 AI score
Exploits: 0

The Hacker News
added 2022/05/14 7:43 a.m., 34 views

Get Lifetime Access to 2022 Cybersecurity Certification Prep Courses @ 95% Off

Ever thought about working full-time in cybersecurity? With millions of unfilled jobs around, now is a great time to get into the industry. Of course, there are many different roles in this field. But all of them require the same handful of professional certifications. The 2022 Ultimate Advanced...

7.1 AI score
Exploits: 0

HackRead
added 2022/05/11 12:9 p.m., 16 views

How Much Can CCIE Enterprise Certified Professional Make?

By Owais Sultan. Cisco CCIE Enterprise Infrastructure certificate, which is the successor of the old CCIE Routing and Switching certification, is…

2.9 AI score
Exploits: 0

The Coalfire Blog
added 2022/05/04 5:7 p.m., 8 views

CMMC – The smoke is clearing

The smoke is finally starting to clear on "CMMC 2.0." Hundreds of companies are already lining up for Cybersecurity Maturity Model Certification assessments. Everything is taking place faster and with far more urgency than most organizations have planned around or prepared for...

2.3 AI score
Exploits: 0

Fedora
added 2022/03/26 3:53 p.m., 35 views

[SECURITY] Fedora 36 Update: openvpn-2.5.6-1.fc36

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for...

9.8 CVSS, 1.5 AI score, 0.03519 EPSS
Exploits: 0

Fedora
added 2022/03/24 2:53 p.m., 35 views

[SECURITY] Fedora 34 Update: openvpn-2.5.6-1.fc34

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for...

9.8 CVSS, 1.5 AI score, 0.03519 EPSS
Exploits: 0

OSV
added 2022/03/15 12:0 p.m., 56 views

RUSTSEC-2022-0014 Infinite loop in `BN_mod_sqrt()` reachable when parsing certificates

The `BN_mod_sqrt()` function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a...

7.5 CVSS, 7.9 AI score, 0.70561 EPSS
Exploits: 2, References: 3

Tenable Nessus
added 2022/03/15 12:0 a.m., 66 views

Ubuntu 16.04 ESM : OpenSSL vulnerability (USN-5328-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5328-2 advisory. USN-5328-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has extracted the...

7.5 CVSS, 6.9 AI score, 0.70561 EPSS
Exploits: 2, References: 2