Lucene search
K

189 matches found

OSV
OSV
added 2021/12/21 6:15 p.m.3 views

CVE-2021-27451

Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generated by an easily reversible algorithm, which may allow an attacker to gain access to the device...

9.8CVSS5.8AI score0.00802EPSS
Exploits0References1
Prion
Prion
added 2021/12/21 6:15 p.m.26 views

Design/Logic Flaw

Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generated by an easily reversible algorithm, which may allow an attacker to gain access to the device...

7.5CVSS9.4AI score0.00802EPSS
Exploits0References1Affected Software1
Oracle linux
Oracle linux
added 2021/12/20 12:0 a.m.55 views

Unbreakable Enterprise kernel-container security update

5.4.17-2136.302.6.1 - rds/ib: Use both iova and key in freemr socket call aru kolappan Orabug: 33667276 5.4.17-2136.302.6 - Revert fs: align IOCB flags with RWF flags Prasad Singamsetty Orabug: 33627551 5.4.17-2136.302.5 - Revert drm: Initialize struct drmcrtcstate.novblank from device settings...

7.8CVSS0.2AI score0.0038EPSS
Exploits0
OSV
OSV
added 2021/12/10 1:15 p.m.3 views

CVE-2021-37187

An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker may read a password file with reversible passwords from the device, which allows decoding of other users' passwords...

6.5CVSS6.6AI score0.00682EPSS
Exploits0References2
Prion
Prion
added 2021/12/10 1:15 p.m.21 views

Default credentials

An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker may read a password file with reversible passwords from the device, which allows decoding of other users' passwords...

4CVSS6.5AI score0.00682EPSS
Exploits0References2Affected Software8
Cvelist
Cvelist
added 2021/12/10 12:24 p.m.29 views

CVE-2021-37187

An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker may read a password file with reversible passwords from the device, which allows decoding of other users' passwords...

6.7AI score0.00682EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/12/10 12:0 a.m.4 views

Digi International Digi TransPort 安全漏洞

The Digi International Digi TransPort is a full-featured cellular router from Digi International USA. A security vulnerability exists in the Digi International Digi TransPort, which can be exploited by an authenticated attacker to read a password file passwords are reversible from the device, whi...

6.5CVSS6.6AI score0.00682EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/11/08 2:15 p.m.59 views

CVE-2021-39182 Use of Password Hash With Insufficient Computational Effort and Use of a Broken or Risky Cryptographic Algorithm and Reversible One-Way Hash in hashing.py

EnroCrypt is a Python module for encryption and hashing. Prior to version 1.1.4, EnroCrypt used the MD5 hashing algorithm in the hashing file. Beginners who are unfamiliar with hashes can face problems as MD5 is considered an insecure hashing algorithm. The vulnerability is patched in v1.1.4 of t...

7.5CVSS7.7AI score0.00544EPSS
Exploits1References2
Prion
Prion
added 2021/08/23 5:15 a.m.20 views

Design/Logic Flaw

Certain NetModule devices have Insecure Password Handling cleartext or reversible encryption, These models with firmware before 4.3.0.113, 4.4.0.111, and 4.5.0.105 are affected: NB800, NB1600, NB1601, NB1800, NB1810, NB2700, NB2710, NB2800, NB2810, NB3700, NB3701, NB3710, NB3711, NB3720, and NB38...

5CVSS7.7AI score0.01078EPSS
Exploits3References2Affected Software1
CVE
CVE
added 2021/08/23 4:33 a.m.102 views

CVE-2021-39289

CVE-2021-39289 affects NetModule Router Software (NRSW) and various NetModule NB devices where passwords are stored in cleartext or with reversible encryption. Affected devices include NB800, NB1600, NB1601, NB1800, NB1810, NB2700, NB2710, NB2800, NB2810, NB3700, NB3701, NB3710, NB3711, NB3720, a...

7.5CVSS8.1AI score0.01078EPSS
Exploits3References2Affected Software1
NVD
NVD
added 2021/07/15 2:15 p.m.18 views

CVE-2021-34688

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static key and is therefore reversible by an...

3.3CVSS0.00162EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/05/27 12:0 a.m.8 views

MesaLabs AmegaView 命令注入漏洞

MesaLabs AmegaView is a continuous monitoring system CMS from MesaLabs USA. A command injection vulnerability exists in MesaLabs AmegaView version 3.0 and prior versions, which stems from passwords in the system that are generated by an easily reversible algorithm, and the use of default cookies...

10CVSS6AI score0.02295EPSS
Exploits0References4
OSV
OSV
added 2021/02/05 8:15 p.m.5 views

CVE-2020-10554

An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored in the database in an obfuscated format, which can be easily reverted. For example, the password AAAAAAAA is stored in the database as MMMMMMMM...

7.5CVSS5.8AI score0.00772EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/02/05 7:26 p.m.26 views

CVE-2020-10375

An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated passwords in the second column. NOTE: this is unrelated to the popular Smarty template engine product...

5.5AI score0.00307EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/01/20 12:0 a.m.60 views

Fedora 32 : glibc (2021-6e581c051a)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-6e581c051a advisory. - The iconv program in the GNU C Library aka glibc or libc6 2.31 and earlier, when invoked with multiple suffixes in the destination encoding...

8.1CVSS7.5AI score0.05223EPSS
Exploits1References5
NVD
NVD
added 2020/06/15 2:15 p.m.26 views

CVE-2020-0533

Reversible one-way hash in IntelR CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access...

6.7CVSS0.00239EPSS
Exploits0References3
Prion
Prion
added 2020/06/15 2:15 p.m.17 views

Information disclosure

Reversible one-way hash in IntelR CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access...

4.6CVSS6.5AI score0.00239EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2019/12/27 7:15 p.m.21 views

CVE-2019-20047

An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An incorrect web server configuration allows a remote unauthenticated attacker to retrieve the content of its own session files. Every session file contains the administrative LDAP credentials encoded...

7.5CVSS7.6AI score0.02706EPSS
Exploits1References4
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/12/06 8:59 a.m.186 views

Hacking Hardware Password Managers: The RecZone

TL:DR Hardware security can be difficult to fathom, so I set out to research three password vaults as a newbie, sharing my findings. I picked three popular hardware vaults, each with different components, requiring different skills and equipment. Here's how I learned about disassembly, chipset...

6.9AI score
Exploits0
ICS
ICS
added 2019/11/07 12:0 a.m.162 views

Medtronic Valleylab FT10 and FX8

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Medtronic Equipment: Valleylab FT10, Valleylab FX8 Vulnerabilities: Use of Hard-coded Credentials, Reversible One-way Hash, Improper Input Validation 2. RISK EVALUATION Successful exploitation of...

9.8CVSS9.9AI score0.04869EPSS
Exploits3References6
Rows per page
Query Builder