Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.2 views

Configure a Proper SSH Service Authentication Mode

A proper authentication mode helps ensure user and system data security. Typically, the user/password authentication mode is suitable for human-machine users. In non-interactive login scenarios, the public and private keys are suitable for authentication. In high-risk scenarios, only the public a...

7.3AI score
Exploits0References3
OSV
OSV
added 2025/03/20 10:15 a.m.11 views

CVE-2024-9099

In lunary-ai/lunary version v1.4.29, the GET /projects API endpoint exposes both public and private API keys for all projects to users with minimal permissions, such as Viewers or Prompt Editors. This vulnerability allows unauthorized users to retrieve sensitive credentials, which can be used to...

8.1CVSS6.8AI score0.0055EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/10/14 4:45 p.m.30 views

CVE-2024-45735 Improper Access Control for low-privileged user in Splunk Secure Gateway App

In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store KV Store deployment configuration an...

4.3CVSS0.00349EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/14 4:45 p.m.20 views

CVE-2024-45735 Improper Access Control for low-privileged user in Splunk Secure Gateway App

In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store KV Store deployment configuration an...

4.3CVSS7.1AI score0.00349EPSS
Exploits0References2
CVE
CVE
added 2024/10/14 4:45 p.m.70 views

CVE-2024-45735

Summary (CVE-2024-45735) : Splunk Enterprise versions before 9.2.3 and 9.1.6, and Splunk Secure Gateway on Splunk Cloud Platform versions before 3.4.259, 3.6.17, or 3.7.0 allow a low-privileged user (not admin/power) to view App Key Value Store (KV Store) deployment configuration and public/priva...

4.3CVSS4.5AI score0.00349EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2017/11/23 9:29 p.m.2 views

CVE-2017-13698

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. An attacker could extract public and private keys from the firmware image available on the MOXA website and could use them against a production switch that has the default keys embedded...

7.5CVSS5.8AI score0.01086EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/11/23 9:0 p.m.21 views

CVE-2017-13698

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. An attacker could extract public and private keys from the firmware image available on the MOXA website and could use them against a production switch that has the default keys embedded...

7.5AI score0.01086EPSS
Exploits0References1
Rows per page
Query Builder