5458 matches found

OpenVAS
added 2024/07/16 12:0 a.m. · 15 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1928)

The remote host is missing an update for the Huawei EulerOS...

8.7 CVSS · 8.8 AI score · 0.02733 EPSS
Exploits 2 · References 2

BDU FSTEC
added 2024/07/15 12:0 a.m. · 4 views

The vulnerability of the BitLocker data protection function in Windows operating systems allows attackers to circumvent existing security restrictions and gain access to encrypted data.

The vulnerability of the BitLocker data protection function in Windows operating systems is related to a breach of the data protection mechanism. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions and gain access to encrypted data...

7.2 CVSS · 5.5 AI score · 0.00937 EPSS
Exploits 0 · References 3

Mageia
added 2024/07/14 5:23 a.m. · 93 views

Updated freeradius packages fix security vulnerability

This vulnerability allows an attacker performing a meddler-in-the-middle attack between Palo Alto Networks PAN-OS firewall and a RADIUS server to bypass authentication and escalate privileges to ‘superuser’ when RADIUS authentication is in use and either CHAP or PAP is selected in the RADIUS serv...

9 CVSS · 7.2 AI score · 0.14859 EPSS
Exploits 2 · References 3

OSV
added 2024/07/14 5:23 a.m. · 8 views

MGASA-2024-0264 Updated freeradius packages fix security vulnerability

This vulnerability allows an attacker performing a meddler-in-the-middle attack between Palo Alto Networks PAN-OS firewall and a RADIUS server to bypass authentication and escalate privileges to ‘superuser’ when RADIUS authentication is in use and either CHAP or PAP is selected in the RADIUS serv...

9 CVSS · 9.1 AI score · 0.14859 EPSS
Exploits 2 · References 4

Palo Alto Networks
added 2024/07/10 4:0 p.m. · 38 views

PAN-OS: CHAP and PAP When Used with RADIUS Authentication Lead to Privilege Escalation

This vulnerability allows an attacker performing a meddler-in-the-middle attack between Palo Alto Networks PAN-OS firewall and a RADIUS server to bypass authentication and escalate privileges to ‘superuser’ when RADIUS authentication is in use and either CHAP or PAP is selected in the RADIUS serv...

9 CVSS · 7 AI score · 0.14859 EPSS
Exploits 2 · References 1

OSV
added 2024/07/09 12:15 p.m. · 2 views

CVE-2024-39865

A vulnerability has been identified in SINEMA Remote Connect Server (all versions prior to V3.2 SP1). The affected application allows users to upload encrypted backup files. As part of this backup, files can be restored without correctly checking the path of the restored file. This could allow an attacker...

8.8 CVSS · 7.2 AI score · 0.00447 EPSS
Exploits 0 · References 1

OSV
added 2024/07/09 12:15 p.m. · 2 views

CVE-2024-39866

A vulnerability has been identified in SINEMA Remote Connect Server (all versions prior to V3.2 SP1). The affected application allows users to upload encrypted backup files. This could allow an attacker with access to the backup encryption key and with the right to upload backup files to create a user with...

8.8 CVSS · 5.7 AI score · 0.00242 EPSS
Exploits 0 · References 1

NVD
added 2024/07/09 12:15 p.m. · 26 views

CVE-2024-39865

A vulnerability has been identified in SINEMA Remote Connect Server (all versions prior to V3.2 SP1). The affected application allows users to upload encrypted backup files. As part of this backup, files can be restored without correctly checking the path of the restored file. This could allow an attacker...

8.8 CVSS · 0.00447 EPSS
Exploits 0 · References 1

CVE
added 2024/07/09 12:5 p.m. · 50 views

CVE-2024-39888

CVE-2024-39888 affects Mendix Encryption versions 10.0.0 to 10.0.1, where a hard-coded default EncryptionKey enables decryption of encrypted project data if no per-project key is specified. Root cause: a security-relevant constant defined by default in the module. Consequences stated across sourc...

8.7 CVSS · 6.8 AI score · 0.00244 EPSS
Exploits 0 · References 1

Vulnrichment
added 2024/07/09 12:5 p.m. · 15 views

CVE-2024-39865

A vulnerability has been identified in SINEMA Remote Connect Server (all versions prior to V3.2 SP1). The affected application allows users to upload encrypted backup files. As part of this backup, files can be restored without correctly checking the path of the restored file. This could allow an attacker...

8.8 CVSS · 7.8 AI score · 0.00447 EPSS
Exploits 0 · References 1

Positive Technologies
added 2024/07/09 12:0 a.m. · 2 views

PT-2024-8750 · Siemens · Sinema Remote Connect Server

Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.2 SP1 Description: The issue is related to insufficient restriction of authentication attempts, allowing a remote attacker to obtain encrypted user credentials. The affected application does n...

8.7 CVSS · 7.5 AI score · 0.00445 EPSS
Exploits 0 · References 7

Positive Technologies
added 2024/07/09 12:0 a.m. · 4 views

PT-2024-5084 · Siemens · Sinema Remote Connect Server

Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.2 SP1 Description: A vulnerability has been identified in the SINEMA Remote Connect Server that allows users to upload encrypted backup files without correctly checking the path of the restore...

9 CVSS · 8.7 AI score · 0.00447 EPSS
Exploits 0 · References 7

RedHat Linux
added 2024/07/08 2:5 a.m. · 1 view

kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack

A vulnerability was found in Linux Kernel, where Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack. When an attacker connects to a victim device using the address of the device and the victim initiates a Pairing, the attacker can reflect the encrypted nonce even...

5.4 CVSS · 6.8 AI score · 0.00887 EPSS
Exploits 1 · References 4

SUSE CVE
added 2024/07/06 2:58 a.m. · 2 views

SUSE CVE-2024-39936

An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted signal has not yet been emitted a...

7.5 CVSS · 7.3 AI score · 0.00494 EPSS
Exploits 0 · References 10

RedhatCVE
added 2024/07/05 2:49 a.m. · 24 views

CVE-2024-39936

A vulnerability was found in Qt where, during a TLS connection for servers supporting HTTP2, Qt may send data to a server even if the TLS certificate doesn't match the redirected address. This occurs because Qt fails to validate the certificate against the redirected address, potentially sending...

8.6 CVSS · 6.7 AI score · 0.00494 EPSS
Exploits 0 · References 4

OSV
added 2024/07/04 10:10 p.m. · 22 views

CGA-J35H-MJRV-44J3

Bulletin has no description...

4.9 CVSS · 5.9 AI score · 0.02199 EPSS
Exploits 0

NVD
added 2024/07/04 9:15 p.m. · 20 views

CVE-2024-39936

An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted signal has not yet been emitted a...

8.6 CVSS · 0.00494 EPSS
Exploits 0 · References 2

OSV
added 2024/07/04 9:15 p.m. · 1 view

DEBIAN-CVE-2024-39936

An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted signal has not yet been emitted a...

5.9 CVSS · 7.9 AI score · 0.00494 EPSS
Exploits 0 · References 1

OSV
added 2024/07/04 9:15 p.m. · 7 views

AZL-43192 CVE-2024-39936 affecting package qt5-qtbase for versions less than 5.12.11-13

An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted signal has not yet been emitted a...

5.9 CVSS · 7.4 AI score · 0.00494 EPSS
Exploits 0 · References 1

OSV
added 2024/07/04 9:15 p.m. · 2 views

UBUNTU-CVE-2024-39936

An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted signal has not yet been emitted a...

8.6 CVSS · 7.3 AI score · 0.00494 EPSS
Exploits 0 · References 4