Lucene search
K

961 matches found

ICS
ICS
added 2025/08/12 12:0 a.m.13 views

Siemens Opcenter Quality

SUMMARY The Opcenter Quality is affected by multiple vulnerabilities in the SmartClient modules Opcenter QL Home SC, SOA Audit and SOA Cockpit. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general...

7.7AI score
Exploits0References10
CloudLinux
CloudLinux
added 2025/08/08 7:17 p.m.8 views

Update of nss

update to CKBI 2.74 from NSS 3.110 - updated certificates: - Certificate "certSIGN ROOT CA" - Certificate "ACCVRAIZ1" - Certificate "Entrust Root Certification Authority - G4" - Certificate "Security Communication ECC RootCA1" - Certificate "BJCA Global Root CA1" - Certificate "BJCA Global Root...

7.3AI score
Exploits0
Gitee
Gitee
added 2025/07/27 3:39 a.m.116 views

Exploit for Incorrect Default Permissions in Microsoft

This List is no longer updated. Awesome Red Teaming List of Awesome Red Team / Red Teaming Resources This list is for anyone wishing to learn about Red Teaming but do not have a starting point. Anyway, this is a living resources and will update regularly with latest Adversarial Tactics and...

8.8CVSS9.9AI score0.15257EPSS
Exploits4
OSV
OSV
added 2025/07/09 6:49 p.m.9 views

CLSA-2025-1752086959 Update of ca-certificates

update to CKBI 2.74 from NSS 3.110 - updated certificates: - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Entrust Root Certification Authority" - Certificate "AffirmTrust Commercial" - Certificate "AffirmTrust Networking" - Certificate "AffirmTrust Premium" - Certificate...

5.8AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/13 4:15 p.m.5 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to certification errors in golang.org/x/crypto/ssh [CVE-2024-45341]

Summary IBM Watson Speech Services Cartridge is vulnerable to certification errors in golang.org/x/crypto/ssh, because of conditions which incorrectly satisfy a URI name constraint that applies to certificate chains. CVE-2024-45341. Golang.org/x/crypto/ssh is used as part of our speech utilities...

6.1CVSS5.9AI score0.00458EPSS
Exploits0Affected Software1
Packet Storm News
Packet Storm News
added 2025/05/28 12:0 a.m.5 views

Efficient Preimage Approximation for Neural Network Certification

The growing reliance on artificial intelligence in safety- and security-critical applications demands effective neural network certification. A challenging real-world use case is certification against patch attacks'', where adversarial patches or lighting conditions obscure parts of images, for...

6.9AI score
Exploits0
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.4 views

Fedora: Security Advisory (FEDORA-2025-3887603605)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References4
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.2 views

Fedora: Security Advisory (FEDORA-2025-17fed14cc3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 11:35 a.m.7 views

CVE-2025-20126

A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information. This vulnerability exists because the affected software does not properly validate...

4.8CVSS6.9AI score0.00165EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:31 a.m.7 views

CVE-2024-50559

A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.2, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.2, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.2, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V8.2, SCALANCE...

5.1CVSS6.7AI score0.00265EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:20 a.m.7 views

CVE-2023-38686

Sydent is an identity server for the Matrix communications protocol. Prior to version 2.5.6, if configured to send emails using TLS, Sydent does not verify SMTP servers' certificates. This makes Sydent's emails vulnerable to interception via a man-in-the-middle MITM attack. Attackers with...

9.3CVSS6.5AI score0.00229EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:16 a.m.8 views

CVE-2022-45458

Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent Windows, macOS, Linux before build 29633, Acronis Cyber Protect 15 Windows, macOS, Linux before build 30984...

7.5CVSS6.6AI score0.0035EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:50 p.m.7 views

CVE-2022-45457

Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent Windows before build 29633, Acronis Cyber Protect 15 Windows before build 30984...

7.5CVSS6.6AI score0.0035EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:28 p.m.8 views

CVE-2021-3309

packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust store,...

8.1CVSS6.9AI score0.01696EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:17 p.m.6 views

CVE-2021-32015

In Nuvoton NPCT75x TPM 1.2 firmware 7.4.0.0, a local authenticated malicious user with high privileges could potentially gain unauthorized access to TPM non-volatile memory. NOTE: Upgrading to firmware version 7.4.0.1 will mitigate against the vulnerability, but version 7.4.0.1 is not TCG or Comm...

6CVSS6.8AI score0.00222EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:54 p.m.7 views

CVE-2020-9433

opensslx509checkemail in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses luapushboolean for certain non-boolean return values...

9.1CVSS7AI score0.00822EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:49 p.m.6 views

CVE-2020-15604

An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 v15 consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one...

7.5CVSS6.8AI score0.01618EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 12:20 p.m.9 views

CVE-2012-3372

The default configuration of Cyberoam UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the CyberoamSSLCA...

7.4CVSS6.8AI score0.00938EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:30 a.m.12 views

CVE-2013-3970

Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS 7.0r2 through 7.0r8 and 7.1r1 through 7.1r5 and Junos Pulse Access Control Service aka UAC with UAC OS 4.1r1 through 4.1r5 include a test Certification Authority CA certificate in the Trusted Server CAs list, which makes it easier...

4.3CVSS6.7AI score0.00488EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:28 a.m.8 views

CVE-2013-10001

A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used...

5.9CVSS6.8AI score0.00581EPSS
Exploits0References1
Rows per page
Query Builder