Lucene search
+L

87 matches found

ICS
ICS
added 2023/12/07 7:0 a.m.37 views

Mitsubishi Electric FA Engineering Software Products

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 Vendor : Mitsubishi Electric Equipment : MELIPC , MELSEC iQ-R, and MELSEC Q Series Vulnerabilities : Processor Optimization Removal or Modification of Security-Critical Code, Observable Discrepancy 2. RISK EVALUATION Successful exploitation of these...

5.5CVSS6.2AI score0.00347EPSS
Exploits0References10
ICS
ICS
added 2023/10/10 12:0 a.m.24 views

Siemens Mendix Forgot Password Module

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

5.3CVSS5.5AI score0.00508EPSS
Exploits0References12
Veracode
Veracode
added 2023/09/18 3:25 p.m.13 views

Observable Discrepancy (Information Exposure)

piccolo is vulnerable to Observable Discrepancy Information Exposure. The vulnerability is caused by a defect in the BaseUser.login function which fails to return responses in a constant time but based on internal state of the application. e.g: a response is generated immediately when user is not...

5.3CVSS6.9AI score0.00459EPSS
Exploits0References4Affected Software1
Broadcom
Broadcom
added 2023/08/01 12:0 a.m.48 views

The client side in OpenSSH 5.7 through 8.3 has an Observable Discrepancy leading to an information leak in the algorithm negotiation

The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client. NOTE: some reports...

5.9CVSS7.2AI score0.02057EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2023/03/21 12:0 a.m.3 views

PT-2023-17061 · Answer +3 · Answer +2

Name of the Vulnerable Software and Affected Versions: answer versions prior to 1.0.6 Description: The issue concerns an Observable Response Discrepancy. No further details are provided about the nature of this discrepancy or its potential impact. There is no information available regarding the...

5.3CVSS5.6AI score0.00639EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.22 views

Siemens Desigo PXC and DXR Devices Observable Discrepancy (CVE-2022-24043)

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...

5.3CVSS5.6AI score0.01012EPSS
Exploits0References3
NVD
NVD
added 2023/01/23 2:15 p.m.9 views

CVE-2023-0440

Observable Discrepancy in GitHub repository healthchecks/healthchecks prior to v2.6...

5.3CVSS5.3AI score0.0056EPSS
Exploits1References2
OSV
OSV
added 2023/01/23 12:0 a.m.9 views

CVE-2023-0440 Observable Discrepancy in healthchecks/healthchecks

Observable Discrepancy in GitHub repository healthchecks/healthchecks prior to v2.6...

5.3CVSS5.4AI score0.0056EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2022/05/21 12:4 a.m.32 views

CVE-2020-14002

PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client...

5.9CVSS4.2AI score0.03146EPSS
Exploits0References1
ICS
ICS
added 2022/04/26 12:0 a.m.40 views

Hitachi Energy System Data Manager

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: System Data Manager – SDM600 Vulnerabilities: Integer Overflow or Wraparound, Reachable Assertion, Type Confusion, Uncontrolled Recursion, Observable Discrepancy 2. RISK...

7.5CVSS7.6AI score0.50732EPSS
Exploits1References4
ICS
ICS
added 2022/04/21 12:0 a.m.231 views

Hitachi Energy MicroSCADA Pro/X SYS600

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA Pro/X SYS600 Vulnerabilities: Observable Discrepancy, HTTP Request Smuggling, Classic Buffer Overflow, Improper Certificate Validation, Improper Restriction of...

9.3CVSS8.7AI score0.16296EPSS
Exploits5References5
Cvelist
Cvelist
added 2022/04/05 4:45 p.m.26 views

CVE-2022-22356

IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an attacker to enumerate account credentials due to an observable discrepancy in valid and invalid login attempts. IBM X-Force ID: 220487...

5.3CVSS6.3AI score0.00843EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/02/14 12:15 p.m.6 views

CVE-2022-0569

Observable Discrepancy in Packagist snipe/snipe-it prior to v5.3.9...

5.3CVSS5.5AI score0.01041EPSS
Exploits1References3
NVD
NVD
added 2022/02/14 12:15 p.m.24 views

CVE-2022-0569

Observable Discrepancy in Packagist snipe/snipe-it prior to v5.3.9...

5.3CVSS0.01041EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/02/12 11:55 p.m.25 views

CVE-2022-0569 Observable Discrepancy in snipe/snipe-it

Observable Discrepancy in Packagist snipe/snipe-it prior to v5.3.9...

5.3CVSS5.5AI score0.01041EPSS
Exploits1References2
CVE
CVE
added 2022/02/12 11:55 p.m.123 views

CVE-2022-0569

CVE-2022-0569 affects snipe/snipe-it, prior to v5.3.9, with an information-disclosure flaw caused by differences in password-reset responses that can enumerate registered user emails. Impact is information disclosure (email enumeration) and potential brute-force risk implied by exposed email list...

5.3CVSS4.8AI score0.01041EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/02/12 11:55 p.m.19 views

CVE-2022-0569 Observable Discrepancy in snipe/snipe-it

Observable Discrepancy in Packagist snipe/snipe-it prior to v5.3.9...

5.3CVSS4.9AI score0.01041EPSS
Exploits1References4
OSV
OSV
added 2022/01/21 11:37 p.m.22 views

GHSA-4XWW-6H7V-29JG User enumeration in livehelperchat

livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information. There is an observable discrepancy between errors generated for users that exist and those that do not...

7.3CVSS5.1AI score0.00899EPSS
Exploits1References4
Prion
Prion
added 2022/01/10 4:15 p.m.13 views

Design/Logic Flaw

In NocoDB, versions 0.9 to 0.83.8 are vulnerable to Observable Discrepancy in the password-reset feature. When requesting a password reset for a given email address, the application displays an error message when the email isn't registered within the system. This allows attackers to enumerate the...

5CVSS5.3AI score0.01367EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/01/10 3:25 p.m.28 views

CVE-2022-22120 NocoDB - Observable Discrepancy in the password-reset feature

In NocoDB, versions 0.9 to 0.83.8 are vulnerable to Observable Discrepancy in the password-reset feature. When requesting a password reset for a given email address, the application displays an error message when the email isn't registered within the system. This allows attackers to enumerate the...

5.3CVSS5.6AI score0.01367EPSS
Exploits1References2
Rows per page
Query Builder