Lucene search
K

157 matches found

OSV
OSV
added 2023/12/13 9:15 p.m.4 views

CVE-2023-50442

Encrypted folders created by PRIMX ZONECENTRAL through 2023.5 can be modified by a local attacker with appropriate privileges so that specific file types are excluded from encryption temporarily. This modification can, however, be detected, as described in the Administrator Guide...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.17 views

Cisco Nexus 1000V VSM/VEM Communication Encryption Bypass (CVE-2013-1208)

The encryption functionality in Cisco NX-OS on the Nexus 1000V does not properly handle Virtual Supervisor Module VSM to Virtual Ethernet Module VEM communication, which allows remote attackers to intercept or modify network traffic by leveraging certain Layer 2 or Layer 3 access, aka Bug ID...

5.8CVSS5.5AI score0.00657EPSS
Exploits0References2
OSV
OSV
added 2023/07/17 4:15 p.m.5 views

CVE-2023-35818

An issue was discovered on Espressif ESP32 3.0 ESP32rev300 ROM devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and Flash Encryption status. By using this capability, the attacker can exploit...

6.8CVSS5.8AI score0.00198EPSS
Exploits0References2
NVD
NVD
added 2023/07/06 1:15 p.m.23 views

CVE-2021-46892

Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality...

7.5CVSS7.6AI score0.00272EPSS
Exploits0References2
OSV
OSV
added 2023/07/06 1:15 p.m.2 views

CVE-2021-46892

Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality...

7.5CVSS5.8AI score0.00272EPSS
Exploits0References2
Prion
Prion
added 2023/07/06 1:15 p.m.27 views

Privilege escalation

Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality...

5CVSS7.6AI score0.00272EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2023/07/06 12:41 p.m.49 views

CVE-2021-46892

Technical details for CVE-2021-46892 are not publicly provided in the connected documents. Monitor for updates from vendors and security bulletins.

7.5CVSS7.5AI score0.00272EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2023/07/06 12:41 p.m.11 views

CVE-2021-46892

Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality...

7.2AI score0.00272EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/07/06 12:41 p.m.22 views

CVE-2021-46892

Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality...

7.8AI score0.00272EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/07/06 12:0 a.m.5 views

PT-2023-12612 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is an encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality...

7.5CVSS7.4AI score0.00272EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2023/06/28 6:15 p.m.3 views

CVE-2023-21179

In parseSecurityParamsFromXml of XmlUtil.java, there is a possible bypass of user specified wifi encryption protocol due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.1AI score0.00076EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/06/28 12:0 a.m.8 views

CVE-2023-21179

In parseSecurityParamsFromXml of XmlUtil.java, there is a possible bypass of user specified wifi encryption protocol due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.4AI score0.00076EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/06/28 12:0 a.m.4 views

Google Pixel 缓冲区错误漏洞

Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that originates in the installKey of KeyUtil.cpp, which may bypass user-specified wifi encryption protocols due to improper use of encryption, which may result in local privilege...

7.5CVSS7.3AI score0.00455EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/06/28 12:0 a.m.25 views

CVE-2023-21190

In btmaclencryptchange of btmacl.cc, there is a possible way for a remote device to turn off encryption without resulting in a terminated connection due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...

5.2AI score0.00076EPSS
Exploits0References1
OSV
OSV
added 2023/06/01 12:0 a.m.7 views

PUB-A-272755865

In parseSecurityParamsFromXml of XmlUtil.java, there is a possible bypass of user specified wifi encryption protocol due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.1AI score0.00076EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/05/15 12:0 a.m.26 views

Siemens SCALANCE W1750D Improper Input Validation (CVE-2022-47522)

The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept possibly cleartext target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point such as authentication...

7.5CVSS7.2AI score0.00897EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/03/28 12:0 a.m.3 views

PT-2023-2034 · Unknown +1 · Ieee 802.11 +1

Name of the Vulnerable Software and Affected Versions: IEEE 802.11 specifications through 802.11ax Description: The issue allows physically proximate attackers to intercept target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending...

9CVSS7.3AI score0.00897EPSS
Exploits1References15
Cisco
Cisco
added 2023/03/27 5:0 a.m.8 views

Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues Affecting Multiple Cisco Products

On March 27, 2023, the research paper Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues was made public. This paper discusses vulnerabilities in the 802.11 standard that could allow an attacker to spoof a targeted wireless client and redirect frames that are present in th...

6.9AI score
Exploits0References1
OSV
OSV
added 2023/03/10 12:0 a.m.16 views

CVE-2023-23911

An improper access control vulnerability exists prior to v6 that could allow an attacker to break the E2E encryption of a chat room by a user changing the group key of a chat room...

7.5CVSS7AI score0.00254EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2023/02/21 6:59 p.m.55 views

K30215094: Ruby vulnerability CVE-2016-7798

Security Advisory Description The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism. CVE-2016-7798 Impact There is no impact; F5...

7.5CVSS7AI score0.03167EPSS
Exploits1
Rows per page
Query Builder