
1491 matches found

0day.today
added 2023/04/10 12:0 a.m. | 231 views

ever gauzy v0.281.9 - JWT weak HMAC secret Vulnerability

Exploit Title: ever gauzy v0.281.9 - JWT weak HMAC secret Author: nu11secur1ty Vendor: https://gauzy.co/ Software: https://github.com/ever-co/ever-gauzy/releases/tag/v0.281.9 Reference: https://portswigger.net/kb/issues/00200903jwt-weak-hmac-secret Description: It was detected a JWT signed using...

AI score: 6.8 | Exploits: 0

Exploit DB
added 2023/04/10 12:0 a.m. | 283 views

ever gauzy v0.281.9 - JWT weak HMAC secret

Exploit Title: ever gauzy v0.281.9 - JWT weak HMAC secret Author: nu11secur1ty Date: 04.08.2023 Vendor: https://gauzy.co/ Software: https://github.com/ever-co/ever-gauzy/releases/tag/v0.281.9 Reference: https://portswigger.net/kb/issues/00200903jwt-weak-hmac-secret Description: It was detected a...

AI score: 7 | Exploits: 0

Packet Storm
added 2023/03/30 12:0 a.m. | 419 views

Covenant 0.5 Remote Code Execution

Exploit Title: Covenant v0.5 - Remote Code Execution (RCE) Exploit Author: xThaz Author website: https://xthaz.fr/ Date: 2022-09-11 Vendor Homepage: https://cobbr.io/Covenant.html Software Link: https://github.com/cobbr/Covenant Version: v0.1.3 - v0.5 Tested on: Windows 11 compiled covenant Windows...

AI score: 6.8 | Exploits: 0

RedHat Linux
added 2023/03/14 1:57 p.m. | 66 views

Important: Red Hat Security Advisory: openssl security and bug fix update

An update for openssl is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.88334 | Exploits: 0 | References: 20

Ubuntu
added 2023/03/08 1:2 p.m. | 95 views

USN-5936-1: Samba vulnerabilities

Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2022-3437 Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerber...

CVSS: 9.8 | AI score: 7.6 | EPSS: 0.10832 | Exploits: 1

Oracle linux
added 2023/03/08 12:0 a.m. | 34 views

gnutls security and bug fix update

3.7.6-18 - Update gnutls-3.7.8-fips-pct-dh.patch to the upstream version 2168610 3.7.6-17 - Fix timing side-channel in TLS RSA key exchange 2162600 3.7.6-16 - fips: extend PCT to DH key generation 2168610 3.7.6-14 - fips: remove library path checking from FIPS integrity check 2149638 - fips: rena...

CVSS: 7.4 | AI score: 7.7 | EPSS: 0.03615 | Exploits: 1

Tenable Nessus
added 2023/03/08 12:0 a.m. | 45 views

Scientific Linux Security Update : samba on SL7.x i686/x86_64 (2023:1090)

The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2023:1090-1 advisory. - samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided CVE-2022-38023 Note that Nessus has not tested for this issue but has instead...

CVSS: 8.1 | AI score: 6.8 | EPSS: 0.00464 | Exploits: 0 | References: 2

RedHat Linux
added 2023/03/07 10:4 a.m. | 84 views

Important: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS: 8.1 | AI score: 6.8 | EPSS: 0.00464 | Exploits: 0 | References: 2

NVD
added 2023/03/06 11:15 p.m. | 33 views

CVE-2022-45141

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...

CVSS: 9.8 | AI score: 9.4 | EPSS: 0.0067 | Exploits: 0 | References: 2

OSV
added 2023/03/06 11:15 p.m. | 1 views

DEBIAN-CVE-2022-45141

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...

CVSS: 9.8 | AI score: 6.8 | EPSS: 0.0067 | Exploits: 0 | References: 1

OSV
added 2023/03/06 11:15 p.m. | 124 views

CVE-2022-45141

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...

CVSS: 9.8 | AI score: 2.8 | EPSS: 0.0067 | Exploits: 0 | References: 2

OSV
added 2023/03/06 11:15 p.m. | 4 views

AZL-25602 CVE-2022-45141 affecting package samba 4.12.5-7

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...

CVSS: 9.8 | AI score: 6.5 | EPSS: 0.0067 | Exploits: 0 | References: 1

Prion
added 2023/03/06 11:15 p.m. | 38 views

Privilege escalation

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...

CVSS: 7.5 | AI score: 8.7 | EPSS: 0.0067 | Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2023/03/06 12:0 a.m. | 745 views

CVE-2022-45141

Summary: CVE-2022-45141 affects Samba and relates to the Windows Kerberos RC4-HMAC Elevation of Privilege vulnerability. The issue is that vulnerable Samba Active Directory Domain Controllers can issue rc4-hmac Kerberos tickets even when servers support stronger encryption (e.g., aes256-cts-hmac-...

CVSS: 9.8 | AI score: 9.2 | EPSS: 0.0067 | Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2023/03/06 12:0 a.m. | 37 views

CVE-2022-45141

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...

AI score: 9.6 | EPSS: 0.0067 | Exploits: 0 | References: 2

AlpineLinux
added 2023/03/06 12:0 a.m. | 46 views

CVE-2022-45141

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...

CVSS: 9.8 | AI score: 9.5 | EPSS: 0.0067 | Exploits: 0

Oracle linux
added 2023/03/01 12:0 a.m. | 55 views

openssl security update

3.0.1-47.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-47 - Fixed X.509 Name Constraints Read Buffer Overflow Resolves: CVE-2022-4203 - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEM_read_bio_ex Resolves: CVE-2022-4450 - Fixed...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.88334 | Exploits: 0

RedHat Linux
added 2023/02/28 8:22 a.m. | 48 views

Important: Red Hat Security Advisory: openssl security and bug fix update

An update for openssl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.88334 | Exploits: 0 | References: 20

AlmaLinux
added 2023/02/28 12:0 a.m. | 62 views

Moderate: openssl security and bug fix update

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: read buffer overflow in X.509 certificate verification (CVE-2022-4203) openssl: timing attack in RS...

CVSS: 7.5 | AI score: 7.8 | EPSS: 0.88334 | Exploits: 0 | References: 18

Oracle linux
added 2023/02/28 12:0 a.m. | 138 views

openssl security and bug fix update

3.0.1-47.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-47 - Fixed X.509 Name Constraints Read Buffer Overflow Resolves: CVE-2022-4203 - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEM_read_bio_ex Resolves: CVE-2022-4450 - Fixed...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.88334 | Exploits: 0