Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded 2024/09/26 6:15 p.m.16 views

CVE-2024-47124

The goTenna Pro App does not encrypt callsigns in messages. It is recommended to not use sensitive information in callsigns when using this and previous versions of the app and update your app to the current app version which uses AES-256 encryption for callsigns in encrypted operation...

6.5CVSS0.00035EPSS
Exploits0References1
NVD
NVDadded 2024/09/26 6:15 p.m.14 views

CVE-2024-47121

The goTenna Pro App uses a weak password for sharing encryption keys via the key broadcast method. If the broadcasted encryption key is captured over RF, and password is cracked via brute force attack, it is possible to decrypt it and use it to decrypt all future and past messages sent via...

6CVSS0.00101EPSS
Exploits0References1
CVE
CVEadded 2024/09/26 5:21 p.m.50 views

CVE-2024-47124

CVE-2024-47124 affects the goTenna Pro App, where callsigns in messages are not encrypted (cleartext transmission). The issue is tied to the Pro App’s handling of callsigns in encrypted operation and is addressed by updating to the current app version that uses AES-256 encryption for callsigns. P...

6.5CVSS5.2AI score0.00035EPSS
Exploits0References1Affected Software1
ICS
ICSadded 2024/09/26 6:0 a.m.14 views

goTenna Pro X and Pro X2 (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Low attack complexity Vendor : goTenna Equipment : Pro series Vulnerabilities : Weak Password Requirements, Insecure Storage of Sensitive Information, Missing Support for Integrity Check, Cleartext Transmission of Sensitive Information,...

8.8CVSS6.5AI score0.00136EPSS
Exploits0References10
Zero Day Initiative
Zero Day Initiativeadded 2022/02/15 12:0 a.m.18 views

(Pwn2Own) Western Digital My Cloud Pro Series PR4100 ConnectivityService Insufficient Verification of Data Authenticity Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Western Digital MyCloud PR4100. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ConnectivityService service. The issue results from the lac...

8.8CVSS1.5AI score0.00796EPSS
Exploits0References1
GithubExploit
GithubExploitadded 2019/07/25 9:30 a.m.110 views

Exploit for CVE-2019-14339

CVE-2019-14339 Content Provider URI Injection on Canon PRINT...

5.5CVSS6AI score0.04518EPSS
Exploits6
seebug.org
seebug.orgadded 2018/03/23 12:0 a.m.49 views

Western Digital My Cloud Pro Series PR2100 Authenticated RCE

Vulnerability Summary A vulnerability in the Western Digital My Cloud Pro Series PR2100 allows authenticated users to execute commands arbitrary commands. Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor...

7.7AI score
Exploits0
Rows per page
Query Builder