Lucene search
K

12405 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.6 views

SUSE CVE-2022-25368

Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history stored in the CPU BHB to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which...

4.7CVSS6.9AI score0.00294EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:22 a.m.4 views

SUSE CVE-2022-47952

lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates...

6.3CVSS4.1AI score0.00702EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/02/15 12:0 a.m.7 views

CVE-2023-23463 Sunell DVR – Insufficiently Protected Credentials

Sunell DVR, latest version, Insufficiently Protected Credentials CWE-522 may be exposed through an unspecified request...

5.3CVSS7AI score0.00462EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/15 12:0 a.m.26 views

CVE-2023-24498 Netgear ProSAFE 24 Port 10/100 FS726TP - CWE-522: Insufficiently Protected Credentials.

An uspecified endpoint in the web server of the switch does not properly authenticate the user identity, and may allow downloading a config page with the password to the switch in clear text...

7.5CVSS7.8AI score0.00577EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/15 12:0 a.m.26 views

CVE-2023-23463 Sunell DVR – Insufficiently Protected Credentials

Sunell DVR, latest version, Insufficiently Protected Credentials CWE-522 may be exposed through an unspecified request...

5.3CVSS7.8AI score0.00462EPSS
Exploits0References1
CVE
CVE
added 2023/02/15 12:0 a.m.86 views

CVE-2023-23463

The CVE-2023-23463 entry concerns Sunell DVR, latest version, with a vulnerability labeled as Insufficiently Protected Credentials (CWE-522) that may be exposed through an unspecified request. This is a network‑driven issue (CVSSv3.1 base score 7.5, HIGH) with no detailed exploit path provided in...

7.5CVSS6.3AI score0.00462EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/15 12:0 a.m.6 views

The vulnerability of the graphical interface of the Dell GeoDrive local file system allows a perpetrator to disclose protected information.

The vulnerability of the Dell GeoDrive local file system’s graphical interface is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose protected information...

7.8CVSS7.2AI score0.00192EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/15 12:0 a.m.7 views

The vulnerability of the IBM Robotic Process Automation software lies in its insufficient protection of registration data, allowing attackers to disclose protected information.

The vulnerability of the IBM Robotic Process Automation software lies in the insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

4.9CVSS5.8AI score0.00739EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/15 12:0 a.m.10 views

The vulnerability of the centralized control system for network devices and ports of Advantech iView arises from the lack of protective measures for the SQL query structure, allowing attackers to disclose protected information.

The vulnerability of the centralized control system for network devices and ports of Advantech iView relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow a malicious actor to disclose the protected information remotely...

5.9CVSS6.8AI score0.00758EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/15 12:0 a.m.9 views

The vulnerability of the System Management Unit (SMU) component of AMD processors allows attackers to disclose protected information.

The vulnerability of the System Management Unit SMU component of AMD processors exists due to insufficient checking of input data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

3.3CVSS5.3AI score0.00243EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/14 9:14 p.m.32 views

Security Bulletin: IBM CICS TX Standard is vulnerable to allowing access to a user's web browser session due to insufficiently protected credentials (CVE-2022-34311).

Summary IBM CICS TX Standard could allow access to a user's web browser session due to insufficiently protected credentials. The fix removes this vulnerability CVE-2022-34311 from IBM CICS TX Standard. Vulnerability Details CVEID:CVE-2022-34311 DESCRIPTION: IBM CICS TX could allow a user with...

4.3CVSS4.3AI score0.00359EPSS
Exploits0Affected Software1
OSV
OSV
added 2023/02/14 8:15 p.m.4 views

CVE-2023-21695

Microsoft Protected Extensible Authentication Protocol PEAP Remote Code Execution Vulnerability...

8.8CVSS7.4AI score0.01048EPSS
Exploits0References1
OSV
OSV
added 2023/02/14 8:15 p.m.1 views

CVE-2023-21690

Microsoft Protected Extensible Authentication Protocol PEAP Remote Code Execution Vulnerability...

9.8CVSS7.4AI score0.27533EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/02/14 8:15 p.m.4 views

CVE-2023-21692

Microsoft Protected Extensible Authentication Protocol PEAP Remote Code Execution Vulnerability...

9.8CVSS7.3AI score0.21239EPSS
Exploits0References2Affected Software22
OSV
OSV
added 2023/02/14 8:15 p.m.3 views

CVE-2023-21692

Microsoft Protected Extensible Authentication Protocol PEAP Remote Code Execution Vulnerability...

9.8CVSS7.4AI score0.21239EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/02/14 8:15 p.m.4 views

CVE-2023-21689

Microsoft Protected Extensible Authentication Protocol PEAP Remote Code Execution Vulnerability...

9.8CVSS7.3AI score0.26504EPSS
Exploits0References2Affected Software19
CNNVD
CNNVD
added 2023/02/14 12:0 a.m.5 views

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows Protected EAP PEAP. The following products and versions are affected: Windows 10 Version 1809 for 32-bit...

7.5CVSS7.7AI score0.01425EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/02/14 12:0 a.m.5 views

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows Protected EAP PEAP. The following products and versions are affected:Windows 10 Version 1809 for 32-bit...

8.8CVSS8.2AI score0.01048EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/02/14 12:0 a.m.3 views

PT-2023-1456 · Microsoft · Windows Postscript Printer Driver +1

Name of the Vulnerable Software and Affected Versions: Windows PostScript Printer Driver Pscript affected versions not specified Description: The issue is related to a buffer overflow in memory, which can be exploited by a remote attacker to gain unauthorized access to protected information. This...

6.8CVSS9.6AI score0.01381EPSS
Exploits0References6
WPVulnDB
WPVulnDB
added 2023/02/14 12:0 a.m.12 views

Ocean Extra < 2.1.3 - Subscriber+ Arbitrary Post Content Disclosure

The plugin does not ensure that the template to be loaded via a shortcode is actually a template, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, such as draft, private or even password protected ones. PoC Note: This requires the OceanWP theme to be...

6.5CVSS6.8AI score0.00654EPSS
Exploits2Affected Software1
Rows per page
Query Builder