Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:40 p.m.10 views

CVE-2025-62619

Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality...

6.3CVSS5.5AI score0.00321EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:40 p.m.10 views

CVE-2025-62625

Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in unauthorized access to privileged resources and loss of confidentiality...

6CVSS5.4AI score0.0017EPSS
Exploits0References1
NVD
NVD
added 2026/05/14 3:16 p.m.18 views

CVE-2025-62625

Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in unauthorized access to privileged resources and loss of confidentiality...

6CVSS0.0017EPSS
Exploits0References1
NVD
NVD
added 2026/05/14 3:16 p.m.16 views

CVE-2025-62619

Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality...

6.3CVSS0.00321EPSS
Exploits0References1
CVE
CVE
added 2026/05/14 2:32 p.m.16 views

CVE-2025-62619

CVE-2025-62619 concerns missing authentication in the KVM key download endpoint, enabling an unauthenticated attacker who knows the exposed URL to retrieve sensitive keys and potentially compromise confidentiality. The issue is identified in AMD’s Device Management Portal context (AMD-SB-9023), w...

6.3CVSS5.8AI score0.00321EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/14 2:32 p.m.7 views

CVE-2025-62619

Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality...

6.3CVSS5.8AI score0.00321EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 2:32 p.m.11 views

CVE-2025-62619

Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality...

6.3CVSS5.8AI score0.00321EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/14 2:32 p.m.43 views

CVE-2025-62619

Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality...

6.3CVSS0.00321EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/14 2:31 p.m.8 views

CVE-2025-62625

Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in unauthorized access to privileged resources and loss of confidentiality...

6CVSS5.8AI score0.0017EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/14 2:31 p.m.8 views

EUVD-2025-209846

Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in unauthorized access to privileged resources and loss of confidentiality...

6CVSS5.8AI score0.0017EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 2:31 p.m.7 views

CVE-2025-62625

Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in unauthorized access to privileged resources and loss of confidentiality...

6CVSS5.8AI score0.0017EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/14 2:31 p.m.36 views

CVE-2025-62625

Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in unauthorized access to privileged resources and loss of confidentiality...

6CVSS0.0017EPSS
Exploits0References1
CVE
CVE
added 2026/05/14 2:31 p.m.13 views

CVE-2025-62625

CVE-2025-62625 concerns improper privilege management in the KVM key download component, enabling token swapping to obtain sensitive keys and potentially access privileged resources. The NVD/CVE records describe impact to confidentiality with CVSS v4.0 base metrics: Attack Vector NETWORK, Attack ...

6CVSS5.8AI score0.0017EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.10 views

PT-2026-40938

Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality...

6.3CVSS5.8AI score0.00321EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.12 views

AMD Processors 访问控制错误漏洞

AMD Processors are a series of processors developed by American semiconductor company AMD. AMD Processors have a vulnerability related to access control, which stems from the lack of authentication at the key download endpoint. This allows unauthorized attackers to retrieve sensitive keys using a...

6.3CVSS5.8AI score0.00321EPSS
Exploits0References1
Amd
Amd
added 2026/05/12 12:0 a.m.12 views

AMD Device Management Portal Key Download

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-62619| Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to...

6.3CVSS5.8AI score0.00321EPSS
Exploits0
Veeam
Veeam
added 2026/03/16 12:0 a.m.69 views

How to Manually Update GPG key on Veeam Hardened Repository Appliance

Article Applicability This article is specifically regarding the Veeam Hardened Repository ISO v2 appliance, which was distributed alongside Veeam Backup & Replication 12. For information about manually updating the GPG key on the appliances associated with Veeam Backup & Replication 13, review...

5.8AI score
Exploits0Affected Software1
OSV
OSV
added 2022/07/17 10:15 p.m.5 views

CVE-2021-40149

The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. In this way an attacker can download the entire key via the /self.key URI...

5.9CVSS7.3AI score0.05994EPSS
Exploits4References3
Rows per page
Query Builder