Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

24 matches found

RedhatCVE
RedhatCVEadded 2026/01/07 9:10 a.m.10 views

CVE-2019-7589

A vulnerability with the SmartService API Service option exists whereby an unauthorized user could potentially exploit this to upload malicious code to the server that could be executed at system level privileges. This affects Johnson Controls' Kantech EntraPass Corporate Edition versions 8.0 and...

10CVSS6.9AI score0.00268EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2019-17127

Malware in sbrugna...

10CVSS9.1AI score0.00268EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-29875

Malware in sbrugna...

8.8CVSS7.6AI score0.00041EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/02/05 3:6 p.m.7 views

CVE-2020-9046

A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files...

8.8CVSS7AI score0.00041EPSS
Exploits0References1
CNNVD
CNNVDadded 2023/03/24 12:0 a.m.2 views

Johnson Controls Kantech EntraPass 安全漏洞

Johnson Controls Kantech EntraPass is a menu-driven security management system from Johnson Controls, Inc. A security vulnerability exists in Johnson Controls Kantech EntraPass, which stems from the fact that, under certain circumstances, an attacker with physical access to the reader could recov...

7.5CVSS5.7AI score0.00098EPSS
Exploits0References3
Cvelist
Cvelistadded 2021/12/06 4:54 p.m.12 views

CVE-2021-36198 Entrapass

Successful exploitation of this vulnerability could allow an unauthorized user to access sensitive data...

8.3CVSS8.3AI score0.00196EPSS
Exploits0References2
ICS
ICSadded 2021/12/02 12:0 a.m.28 views

Johnson Controls Entrapass

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls, Inc. Equipment: Entrapass Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of this...

8.3CVSS7.8AI score0.00196EPSS
Exploits0References5
ICS
ICSadded 2021/09/14 12:0 a.m.37 views

Johnson Controls Sensormatic Electronics KT-1

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC., a subsidiary of Johnson Controls, Inc. Equipment: KT-1 Vulnerability: Authentication Bypass by Capture-replay 2. RISK EVALUATION Successful exploitation of this...

8.6CVSS0.1AI score0.0018EPSS
Exploits0References28
CNVD
CNVDadded 2020/05/27 12:0 a.m.2 views

Johnson Controls Kantech EntraPass Access Control Error Vulnerability

Johnson Controls Kantech EntraPass is a menu-driven security management system from Johnson Controls, Inc. An access control error vulnerability exists in Johnson Controls Kantech EntraPass Professional, Enterprise, and Global versions 8.22 and earlier. The vulnerability can be exploited to gain...

8.8CVSS7.1AI score0.00041EPSS
Exploits0References1
NVD
NVDadded 2020/05/26 9:15 p.m.8 views

CVE-2020-9046

A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files...

8.8CVSS8.9AI score0.00041EPSS
Exploits0References2
OSV
OSVadded 2020/05/26 9:15 p.m.2 views

CVE-2020-9046

A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files...

7.8CVSS7.1AI score
Exploits0References2
Prion
Prionadded 2020/05/26 9:15 p.m.13 views

Design/Logic Flaw

A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files...

7.2CVSS7.7AI score0.00041EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2020/05/26 8:5 p.m.13 views

CVE-2020-9046 Kantech EntraPass Security Management Software - System Permissions Vulnerability

A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files...

8.8CVSS8.8AI score0.00041EPSS
Exploits0References2
CVE
CVEadded 2020/05/26 8:5 p.m.79 views

CVE-2020-9046

CVE-2020-9046 affects all versions of Johnson Controls Kantech EntraPass Editions. The vulnerability ( Improper Access Control CWE-284 ) could allow an authorized, low-privileged user to achieve full system-level privileges by replacing critical files with crafted ones. Affected editions include ...

8.8CVSS8.1AI score0.00041EPSS
Exploits0References2Affected Software1
ICS
ICSadded 2020/05/26 12:0 a.m.44 views

Johnson Controls Kantech EntraPass

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: low skill level to exploit Vendor: Kantech, a subsidiary of Johnson Controls Equipment: EntraPass Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could potentially allow an authorized...

8.8CVSS8.1AI score0.00041EPSS
Exploits0References5
CNVD
CNVDadded 2020/03/11 12:0 a.m.2 views

Johnson Controls Kantech EntraPass Input Validation Error Vulnerability

Johnson Controls Kantech EntraPass is a menu-driven security management system from Johnson Controls, Inc. An input validation error vulnerability exists in the SmartService API Service option in Johnson Controls Kantech EntraPass Corporate Edition 8.0 and earlier and Kantech EntraPass Global...

10CVSS7.3AI score0.00268EPSS
Exploits0References1
ThreatPost
ThreatPostadded 2020/03/10 9:58 p.m.86 views

Critical Bugs in Rockwell, Johnson Controls ICS Gear

Security vulnerabilities that require very little skill to exploit have been discovered in industrial control systems ICS gear from Rockwell Automation and Johnson Controls, which anchor a flurry of bug disclosures impacting critical infrastructure. First, a set of critical vulnerabilities in...

10CVSS7.6AI score0.0028EPSS
Exploits0References7
ThreatPost
ThreatPostadded 2020/03/10 9:58 p.m.58 views

Critical Bugs in Rockwell, Johnson Controls ICS Gear

Security vulnerabilities that require very little skill to exploit have been discovered in industrial control systems ICS gear from Rockwell Automation and Johnson Controls, which anchor a flurry of bug disclosures impacting critical infrastructure. First, a set of critical vulnerabilities in...

10CVSS8.5AI score0.0141EPSS
Exploits1References7
OSV
OSVadded 2020/03/10 8:15 p.m.1 views

CVE-2019-7589

A vulnerability with the SmartService API Service option exists whereby an unauthorized user could potentially exploit this to upload malicious code to the server that could be executed at system level privileges. This affects Johnson Controls' Kantech EntraPass Corporate Edition versions 8.0 and...

9.8CVSS7.3AI score0.00268EPSS
Exploits0References2
NVD
NVDadded 2020/03/10 8:15 p.m.14 views

CVE-2019-7589

A vulnerability with the SmartService API Service option exists whereby an unauthorized user could potentially exploit this to upload malicious code to the server that could be executed at system level privileges. This affects Johnson Controls' Kantech EntraPass Corporate Edition versions 8.0 and...

10CVSS9.5AI score0.00268EPSS
Exploits0References2
Rows per page
Query Builder