CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

467 matches found

CVE•added 2024/07/09 12:5 p.m.•38 views

CVE-2024-39888

CVE-2024-39888 affects Mendix Encryption versions 10.0.0 to 10.0.1, where a hard-coded default EncryptionKey enables decryption of encrypted project data if no per-project key is specified. Root cause: a security-relevant constant defined by default in the module. Consequences stated across sourc...

8.7CVSS6.8AI score0.00194EPSS

Exploits0References1

Positive Technologies•added 2024/07/09 12:0 a.m.•2 views

PT-2024-8753 · Mendix · Mendix Encryption

Name of the Vulnerable Software and Affected Versions: Mendix Encryption versions 10.0.0 through 10.0.1 Description: A vulnerability has been identified in the Mendix Encryption module, where affected versions define a specific hard-coded default value for the EncryptionKey constant. This default...

8.7CVSS7.4AI score0.00194EPSS

Exploits0References8

ICS•added 2024/07/09 12:0 a.m.•8 views

Siemens Mendix Encryption Module

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

8.7CVSS7.7AI score0.00194EPSS

Exploits0References12

CNNVD•added 2024/07/09 12:0 a.m.•2 views

Siemens Mendix 安全漏洞

The Mendix Encryption module takes care of the following encryption requirements: plain text encryption e.g. passwords and FileDocument encryption e.g. documents or photos. A hard-coded default encryption key vulnerability exists in the Siemens Mendix Encryption module, which can be exploited by ...

8.7CVSS6.8AI score0.00194EPSS

Exploits0References2

CNVD•added 2024/06/12 12:0 a.m.•4 views

Siemens Mendix Rights Management Error Vulnerability

Mendix is a high-productivity application platform for building and continuously improving mobile and web applications at scale. A privilege management error vulnerability exists in Siemens Mendix, which can be exploited by an attacker with administrative role functionality to elevate the access...

7.4CVSS6.8AI score0.00187EPSS

Exploits0References1

NVD•added 2024/06/11 12:15 p.m.•12 views

CVE-2024-33500

A vulnerability has been identified in Mendix Applications using Mendix 10 All versions = V9.3.0 V9.24.22. Affected applications could allow users with the capability to manage a role to elevate the access rights of users with that role. Successful exploitation requires to guess the id of a targe...

7.4CVSS0.00187EPSS

Exploits0References1

Cvelist•added 2024/06/11 11:15 a.m.•10 views

CVE-2024-33500

7.4CVSS0.00187EPSS

Exploits0References1

CVE•added 2024/06/11 11:15 a.m.•40 views

CVE-2024-33500

CVE-2024-33500 affects Siemens Mendix Applications (Mendix 9: versions >=9.3.0 <9.24.22; 10: <10.11.0; 10.6:

7.4CVSS6.7AI score0.00187EPSS

Exploits0References1

Vulnrichment•added 2024/06/11 11:15 a.m.•8 views

CVE-2024-33500

7.4CVSS6.6AI score0.00187EPSS

Exploits0References1

ICS•added 2024/06/11 12:0 a.m.•17 views

Siemens Mendix Applications

7.4CVSS6AI score0.00187EPSS

Exploits0References12

CNNVD•added 2024/06/11 12:0 a.m.•1 views

Siemens Mendix 安全漏洞

7.4CVSS6.8AI score0.00187EPSS

Exploits0References3

Positive Technologies•added 2023/11/21 12:0 a.m.•1 views

PT-2023-9659 · Mendix · Mendix Runtime

Name of the Vulnerable Software and Affected Versions: Mendix Runtime V10 versions prior to V10.17.0 Mendix Runtime V10.12 versions prior to V10.12.11 Mendix Runtime V10.6 versions prior to V10.6.19 Mendix Runtime V8 versions prior to V8.18.33 Mendix Runtime V9 versions prior to V9.24.31...

6.9CVSS7.6AI score0.0035EPSS

Exploits0References8

CNVD•added 2023/11/15 12:0 a.m.•34 views

Siemens Mendix Authentication Bypass Vulnerability

Mendix is a high-productivity application platform for building and continuously improving mobile and web applications at scale. An authentication bypass vulnerability exists in Siemens Mendix, which can be exploited by an attacker to access or modify objects without proper authorization or to...

8.1CVSS7.1AI score0.00206EPSS

Exploits0References1

NVD•added 2023/11/14 11:15 a.m.•15 views

CVE-2023-45794

A vulnerability has been identified in Mendix Applications using Mendix 10 All versions V10.4.0, Mendix Applications using Mendix 7 All versions V7.23.37, Mendix Applications using Mendix 8 All versions V8.18.27, Mendix Applications using Mendix 9 All versions V9.24.10. A capture-replay flaw in t...

8.1CVSS0.00206EPSS

Exploits0References1

OSV•added 2023/11/14 11:15 a.m.•1 views

CVE-2023-45794

8.1CVSS5.7AI score

Exploits0References1

Prion•added 2023/11/14 11:15 a.m.•9 views

Authorization

5.5CVSS7AI score0.00206EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/11/14 11:4 a.m.•10 views

CVE-2023-45794

6.8CVSS6.8AI score0.00206EPSS

Exploits0References1

CVE•added 2023/11/14 11:4 a.m.•68 views

CVE-2023-45794

The CVE-2023-45794 issue affects Mendix Applications modernized on Mendix 7/8/9/10. A capture-replay flaw in the Mendix platform can, under app-specific preconditions related to model and access control, allow authenticated attackers to access or modify objects without proper authorization or to ...

8.1CVSS7.1AI score0.00206EPSS

Exploits0References1Affected Software1

ICS•added 2023/11/14 12:0 a.m.•55 views

Siemens Mendix Studio Pro

8.8CVSS9.4AI score0.93301EPSS

Exploits9References12

NCSC•added 2023/11/14 12:0 a.m.•3 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products including. SIMATIC, SINEC, SIPROTEC and RUGGEDCOM. The vulnerabilities allow a malicious party potentially able to launch attacks that could lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention o...

9.8CVSS8.3AI score0.93301EPSS

Exploits20

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by