Lucene search
+L

265 matches found

Positive Technologies
Positive Technologies
added 2024/03/14 12:0 a.m.3 views

PT-2024-15463 · Skyhigh +1 · Skyhigh Client Proxy +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A malicious insider exploiting this issue can circumvent existing security controls put in place by the organization. If the victim is using a temporary...

5.5CVSS7.2AI score0.00179EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.43 views

Intel BIOS Firmware CVE-2022-21198 (INTEL-SA-00688)

The version of the Intel BIOS on the remote device is affected by a vulnerability as identified in the INTEL-SA-00688 advisory. - Time-of-check time-of-use race condition in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via...

7.9CVSS6.5AI score0.00131EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.13 views

Multiple Cisco Products Snort 3 Access Control Policy Bypass (cisco-sa-ftd-snort3acp-bypass-3bdR2BEh)

According to its self-reported version, Cisco FTD Software is affected by a vulnerability. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...

5.8CVSS5.4AI score0.00559EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/11/02 12:0 a.m.34 views

F5 Networks BIG-IP : BIG-IP APM portal access vulnerability (K40625021)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K40625021 advisory. - A vulnerability in BIG-IP APM portal access 11.5.1-11.5.7, 11.6.0-11.6.3, and 12.1.0-12.1.3 discloses the BIG-IP...

4.3CVSS5.2AI score0.00873EPSS
Exploits0References2
OSV
OSV
added 2023/10/31 8:29 p.m.3 views

GHSA-MP92-3JFM-3575 Synapse vulnerable to leak of remote user device information

Impact Cached device information of remote users can be queried from Synapse. This can be used to enumerate the remote users known to a homeserver. Patches System administrators are encouraged to upgrade to Synapse 1.95.1 as soon as possible. Workarounds The federationdomainwhitelist can be used ...

5.3CVSS5.9AI score0.00897EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2023/10/13 12:0 a.m.25 views

F5 Networks BIG-IP TCP profile vulnerability (K000134652)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.0 / 16.1.4 / 15.1.9. It is, therefore, affected by a vulnerability as referenced in the K000134652 advisory. When TCP Verified Accept is enabled on a TCP profile that is configured on a virtual server, undisclosed...

7.5CVSS7.4AI score0.00538EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/17 12:0 a.m.47 views

CVE-2023-38902

A command injection vulnerability in RG-EW series home routers and repeaters v.EW3.01B11P219, RG-NBS and RG-S1930 series switches v.SWITCH3.01B11P219, RG-EG series business VPN routers v.EG3.01B11P219, EAP and RAP series wireless access points v.AP3.01B11P219, and NBC series wireless controllers...

9.3AI score0.02187EPSS
Exploits1References1
OSV
OSV
added 2023/07/03 8:15 p.m.6 views

CVE-2023-36609

The affected TBox RTUs run OpenVPN with root privileges and can run user defined configuration scripts. An attacker could set up a local OpenVPN server and push a malicious script onto the TBox host to acquire root privileges...

7.2CVSS5.8AI score0.00698EPSS
Exploits0References1
NVD
NVD
added 2023/06/28 6:15 p.m.25 views

CVE-2023-21190

In btmaclencryptchange of btmacl.cc, there is a possible way for a remote device to turn off encryption without resulting in a terminated connection due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...

5CVSS4.9AI score0.00076EPSS
Exploits0References1
Prion
Prion
added 2023/06/28 6:15 p.m.22 views

Information disclosure

In btmaclencryptchange of btmacl.cc, there is a possible way for a remote device to turn off encryption without resulting in a terminated connection due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...

1.5CVSS4.9AI score0.00076EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/06/28 12:0 a.m.86 views

CVE-2023-21190

CVE-2023-21190 affects Android 13 devices, with the issue located in btm_acl_encrypt_change within btm_acl.cc. A remote device can turn off encryption without terminating the connection, potentially enabling local information disclosure and requiring user interaction for exploitation. Exploitatio...

5CVSS4.9AI score0.00076EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/06/28 12:0 a.m.29 views

CVE-2023-21190

In btmaclencryptchange of btmacl.cc, there is a possible way for a remote device to turn off encryption without resulting in a terminated connection due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...

5.2AI score0.00076EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/28 12:0 a.m.8 views

CVE-2023-21190

In btmaclencryptchange of btmacl.cc, there is a possible way for a remote device to turn off encryption without resulting in a terminated connection due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...

6.7AI score0.00076EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/06/12 12:0 a.m.14 views

SonicWall SMA100 Directory Traversal Vulnerability (SNWLID-2019-0018)

The version of SonicWall SMA100 installed on the remote host is prior 9.0.0.4. It is, therefore, affected by a directory traversal vulnerability. In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a fi...

7.5CVSS7.4AI score0.03977EPSS
Exploits0References2
OSV
OSV
added 2023/06/01 12:0 a.m.8 views

PUB-A-251436534

In btmaclencryptchange of btmacl.cc, there is a possible way for a remote device to turn off encryption without resulting in a terminated connection due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...

5CVSS6.4AI score0.00076EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/04/25 12:0 a.m.24 views

Juniper Junos OS Vulnerability (JSA70603)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70603 advisory. - An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to read certain...

5.3CVSS5.9AI score0.0047EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/04/18 9:5 a.m.52 views

Iranian Hackers Using SimpleHelp Remote Support Software for Persistent Access

The Iranian threat actor known as MuddyWater is continuing its time-tested tradition of relying on legitimate remote administration tools to commandeer targeted systems. While the nation-state group has previously employed ScreenConnect, RemoteUtilities, and Syncro, a new analysis from Group-IB h...

6.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/02/02 12:0 a.m.27 views

QNAP QTS / QuTS hero Command Injection (QSA-23-01)

The version of QNAP QTS / QuTS hero installed on the remote host is affected by a command injection vulnerability. If exploited, this vulnerability allows remote attackers to inject malicious code. Note that Nessus has not tested for this issue but has instead relied only on the application's...

9.8CVSS8.9AI score0.02663EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/10/14 2:40 p.m.22 views

CVE-2022-42463 Softbus_server in communication subsystem has a authenication bypass vulnerability in a callback handler function. Attackers can launch attacks on distributed networks by sending Bluetooth rfcomm packets to any remote device and executing arbitrary co ...

OpenHarmony-v3.1.2 and prior versions have an authenication bypass vulnerability in a callback handler function of Softbusserver in communication subsystem. Attackers can launch attacks on distributed networks by sending Bluetooth rfcomm packets to any remote device and executing arbitrary comman...

8.3CVSS8.9AI score0.00289EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2022/09/20 12:0 a.m.11 views

September 20, 2022—KB5017379 (OS Build 17763.3469) Preview

None None...

6.1AI score
Exploits0
Rows per page
Query Builder