10 matches found

Positive Technologies
added 2025/01/28 12:0 a.m. · 4 views

PT-2025-2793 · Autolib Software Systems · Autolib Software Systems Opac

Name of the Vulnerable Software and Affected Versions: AutoLib Software Systems OPAC version 20.10
Description: The issue concerns exposed API keys within the source code. Attackers may use these keys to access the backend API or other sensitive information.
Recommendations: For AutoLib Software...

CVSS 7.5 · AI score 7.2 · EPSS 0.00531
Exploits: 1 · References: 5

Positive Technologies
added 2024/04/30 12:0 a.m. · 7 views

PT-2024-10728 · Hiveos · Hiveos

Name of the Vulnerable Software and Affected Versions: HiveOS versions 0.6-102@191212 and earlier
Description: The issue allows man-in-the-middle attacks and makes identification of all public IPv4 nodes trivial with Shodan.io, as SSH host keys are baked into the installation image. The vendor...

CVSS 5.7 · AI score 6.8 · EPSS 0.00233
Exploits: 0 · References: 5

Positive Technologies
added 2024/04/30 12:0 a.m. · 4 views

PT-2024-10854 · Minerbabe · Minerbabe

Name of the Vulnerable Software and Affected Versions: Minerbabe versions through V4.16
Description: The issue allows man-in-the-middle attacks due to SSH host keys being baked into the installation image. This makes it trivial to identify all public IPv4 nodes using Shodan.io.
Recommendations: F...

CVSS 5.9 · AI score 6.8 · EPSS 0.00175
Exploits: 0 · References: 6

Positive Technologies
added 2023/12/19 12:0 a.m. · 4 views

PT-2023-20989 · Xpand It · Xpand It Write-Back Manager

Name of the Vulnerable Software and Affected Versions: Xpand IT Write-back Manager version 2.3.1
Description: The issue is related to the use of weak secret keys to sign JWT tokens, allowing attackers to obtain the secret key via a brute-force attack.
Recommendations: For Xpand IT Write-back Manag...

CVSS 9.1 · AI score 6.8 · EPSS 0.00669
Exploits: 1 · References: 6

Positive Technologies
added 2023/01/12 12:0 a.m. · 6 views

PT-2023-10639 · Rapid7 · Nexpose +1

Name of the Vulnerable Software and Affected Versions: Nexpose virtual appliances versions downloaded between April 5th, 2017 and May 3rd, 2017; InsightVM virtual appliances versions downloaded between April 5th, 2017 and May 3rd, 2017
Description: The issue concerns Nexpose and InsightVM virtual...

CVSS 7.7 · AI score 7.2 · EPSS 0.00376
Exploits: 0 · References: 4

Positive Technologies
added 2022/11/29 12:0 a.m. · 5 views

PT-2022-27772 · Airtable · Airtable.Js

Name of the Vulnerable Software and Affected Versions: Airtable.js versions prior to 0.11.6
Description: The issue arises from a misconfigured build script in the Airtable.js source package, which bundles environment variables into the build target of a transpiled bundle. Specifically, the AIRTAB...

CVSS 7.6 · AI score 6.5 · EPSS 0.00448
Exploits: 0 · References: 6

NVD
added 2022/02/23 11:15 p.m. · 12 views

CVE-2022-23653

B2 Command Line Tool is the official command line tool for the Backblaze cloud storage service. Linux and Mac releases of the B2 command-line tool version 3.2.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a...

CVSS 4.7 · EPSS 0.00206
Exploits: 0 · References: 2

RedhatCVE
added 2020/01/08 11:38 p.m. · 47 views

CVE-2019-16863

Cryptographic timing vulnerabilities were discovered in certain versions of the Trusted Platform Module (TPM) firmware distributed by Intel and STMicroelectronics. Software that uses the TPM to compute ECDSA signatures could leak information through the timing of ECDSA signature operations, allowin...

CVSS 6.8 · AI score 1.1 · EPSS 0.03252
Exploits: 0 · References: 6

The Hacker News
added 2016/01/14 10:16 p.m. · 157 views

Critical OpenSSH Flaw Leaks Private Crypto Keys to Hackers

A 'Serious' security vulnerability has been discovered and fixed in OpenSSH – one of the most widely used open-source implementations of the Secure Shell (SSH) Protocol. The critical vulnerability could be exploited by hackers to force clients to leak their secret private cryptographic keys,...

CVSS 4.6 · AI score 7.7 · EPSS 0.63468
Exploits: 3

Gentoo Linux
added 2014/04/08 12:0 a.m. · 50 views

OpenSSL: Information Disclosure

Background: OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library.
Description: Multiple vulnerabilities have been found in OpenSSL: OpenSSL incorrectly handles memory in the TLS...

CVSS 7.5 · AI score 7.9 · EPSS 0.99999
Exploits: 88