Lucene search
K

38 matches found

CVE
CVE
added 2024/09/10 8:3 a.m.65 views

CVE-2024-7734

CVE-2024-7734 affects Phoenix Contact FL MGUARD (mGuard) devices; pathfinder TCP encapsulation service can be abused by establishing a high volume of TCP connections, causing a denial of service that blocks valid IPsec VPN peers. Public references in Red Hat and related advisories confirm unauthe...

5.3CVSS5.3AI score0.00481EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/10 12:0 a.m.4 views

PT-2024-38542 · Phoenix Contact · Phoenix Contact Fl Mguard

Name of the Vulnerable Software and Affected Versions: Phoenix Contact FL MGUARD versions affected versions not specified Description: An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the...

5.3CVSS7.2AI score0.00481EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/09/10 12:0 a.m.6 views

PHOENIX CONTACT FL MGUARD 安全漏洞

The PHOENIX CONTACT FL MGUARD is a series of routers from PHOENIX CONTACT, Germany. A security vulnerability exists in Phoenix Contact FL MGUARD versions prior to 2102 10.4.1 that originates from the behavior of an unauthenticated, remote attacker who can exploit the pathfinder TCP encapsulation...

5.3CVSS6.7AI score0.00481EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2024/05/08 2:17 p.m.15 views

New Spectre-Style 'Pathfinder' Attack Targets Intel CPU, Leak Encryption Keys and Data

Researchers have discovered two novel attack methods targeting high-performance Intel CPUs that could be exploited to stage a key recovery attack against the Advanced Encryption Standard AES algorithm. The techniques have been collectively dubbed Pathfinder by a group of academics from the...

7.4AI score
Exploits0
NVD
NVD
added 2023/05/10 2:15 p.m.18 views

CVE-2023-27386

Uncontrolled search path in some IntelR Pathfinder for RISC-V software may allow an authenticated user to potentially enable escalation of privilege via local access...

7.3CVSS6.9AI score0.00182EPSS
Exploits0References1
Prion
Prion
added 2023/05/10 2:15 p.m.11 views

Privilege escalation

Uncontrolled search path in some IntelR Pathfinder for RISC-V software may allow an authenticated user to potentially enable escalation of privilege via local access...

4.1CVSS7.3AI score0.00182EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/10 1:16 p.m.23 views

CVE-2023-27386

Uncontrolled search path in some IntelR Pathfinder for RISC-V software may allow an authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS7.6AI score0.00182EPSS
Exploits0References1
CVE
CVE
added 2023/05/10 1:16 p.m.41 views

CVE-2023-27386

CVE-2023-27386 involves an uncontrolled search path in some Intel® Pathfinder for RISC-V software that could allow an authenticated user to escalate privileges via local access. The connected Intel advisory (Intel® Pathfinder for RISC-V Advisory) confirms the affected product line and describes t...

7.3CVSS7.3AI score0.00182EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/10 1:16 p.m.11 views

CVE-2023-27386

Uncontrolled search path in some IntelR Pathfinder for RISC-V software may allow an authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS7.4AI score0.00182EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/10 12:0 a.m.5 views

Intel Pathfinder 代码问题漏洞

Intel Pathfinder is an exploration program of Intel Corporation USA. A security vulnerability exists in Intel Pathfinder for RISC-V. An attacker can escalate privileges by exploiting the vulnerability...

7.3CVSS7.4AI score0.00182EPSS
Exploits0References2
Intel
Intel
added 2023/05/09 12:0 a.m.33 views

Intel® Pathfinder for RISC-V Advisory

Summary: A potential security vulnerability in some Intel® Pathfinder for RISC-V software may allow escalation of privilege. Intel is not releasing updates to mitigate this potential vulnerability and has issued a Product Discontinuation Notice for Intel® Pathfinder for RISC-V. Vulnerability...

7.3CVSS6.9AI score0.00182EPSS
Exploits0
OSV
OSV
added 2022/11/03 9:15 p.m.4 views

CVE-2022-38168

Broken Access Control in User Authentication in Avaya Scopia Pathfinder 10 and 20 PTS version 8.3.7.0.4 allows remote unauthenticated attackers to bypass the login page, access sensitive information, and reset user passwords via URL modification...

9.1CVSS5.8AI score0.01068EPSS
Exploits1References1
NVD
NVD
added 2022/11/03 9:15 p.m.14 views

CVE-2022-38168

Broken Access Control in User Authentication in Avaya Scopia Pathfinder 10 and 20 PTS version 8.3.7.0.4 allows remote unauthenticated attackers to bypass the login page, access sensitive information, and reset user passwords via URL modification...

9.1CVSS0.01068EPSS
Exploits1References1
CVE
CVE
added 2022/11/03 12:0 a.m.74 views

CVE-2022-38168

CVE-2022-38168 affects Avaya Scopia Pathfinder 10 and 20 PTS (v8.3.7.0.4). The root cause is Broken Access Control in user authentication, enabling remote unauthenticated attackers to bypass the login page, access sensitive information, and reset passwords via URL modification. The vulnerability ...

9.1CVSS9.2AI score0.01068EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/11/03 12:0 a.m.5 views

Avaya Scopia Pathfinder 访问控制错误漏洞

Avaya Scopia Pathfinder is a complete firewall and NAT traversal solution from Avaya USA. An Access Control Error vulnerability exists in Avaya Scopia Pathfinder version 8.3.7.0.4, which originates from a compromised access control in user authentication, allowing an unauthenticated, remote...

9.1CVSS8.3AI score0.01068EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/11/03 12:0 a.m.21 views

CVE-2022-38168

Broken Access Control in User Authentication in Avaya Scopia Pathfinder 10 and 20 PTS version 8.3.7.0.4 allows remote unauthenticated attackers to bypass the login page, access sensitive information, and reset user passwords via URL modification...

9.5AI score0.01068EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/11/03 12:0 a.m.7 views

CVE-2022-38168

Broken Access Control in User Authentication in Avaya Scopia Pathfinder 10 and 20 PTS version 8.3.7.0.4 allows remote unauthenticated attackers to bypass the login page, access sensitive information, and reset user passwords via URL modification...

7.4AI score0.01068EPSS
Exploits1References1
Openbugbounty
Openbugbounty
added 2018/01/05 9:1 a.m.11 views

autoblog.com XSS vulnerability

Open Bug Bounty ID: OBB-487507 Description| Value ---|--- Affected Website:| autoblog.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score
Exploits0
Rows per page
Query Builder