CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac...

6.5CVSS5.9AI score0.0007EPSS

Exploits0

RedhatCVE•added 2025/05/23 12:48 a.m.•5 views

CVE-2022-40297

UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be executed as demonstrated...

7.8CVSS6.8AI score0.01859EPSS

Exploits2References1

UbuntuCve•added 2023/11/06 5:15 p.m.•27 views

CVE-2023-40660

A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock a...

6.6CVSS6.8AI score0.00037EPSS

Exploits0References4

Prion•added 2023/11/06 5:15 p.m.•26 views

Design/Logic Flaw

4.4CVSS6.9AI score0.00037EPSS

Exploits0References11Affected Software2

AlpineLinux•added 2023/11/06 4:58 p.m.•27 views

CVE-2023-40660

6.6CVSS6.4AI score0.00037EPSS

Exploits0

Veracode•added 2023/10/06 4:32 a.m.•20 views

Authentication Bypass

libopensc.so is vulnerable to Authentication Bypass. The vulnerability exists in the scpkcs15verifypin function of pkcs15-pin.c when a token or card is plugged into the system and authenticated by one process, but can be utilized for cryptographic operations by another process when an empty,...

6.6CVSS7AI score0.00037EPSS

Exploits0References14Affected Software2

SUSE CVE•added 2023/09/28 1:44 a.m.•1 views

SUSE CVE-2023-40660

7.3CVSS6.7AI score0.00037EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 5:6 a.m.•1 views

SUSE CVE-2016-2312

Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again...

6.8CVSS6.9AI score0.00077EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 4:42 a.m.•1 views

SUSE CVE-2017-12164

A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ranonce boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen...

6.4CVSS6.7AI score0.00136EPSS

Exploits0References4

NVD•added 2022/09/09 12:15 a.m.•11 views

CVE-2022-40297

7.8CVSS0.01859EPSS

Exploits2References1

ATTACKERKB•added 2022/09/09 12:15 a.m.•0 views

CVE-2022-40297

7.8CVSS7AI score0.01859EPSS

Exploits2References2

OSV•added 2022/09/09 12:15 a.m.•0 views

CVE-2022-40297

7.8CVSS5.7AI score0.01859EPSS

Exploits2References1

Prion•added 2022/09/09 12:15 a.m.•9 views

Design/Logic Flaw

DISPUTED UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be executed as...

4.3CVSS7.5AI score0.01859EPSS

Exploits2References1Affected Software1

Vulnrichment•added 2022/09/08 11:38 p.m.•14 views

CVE-2022-40297

7AI score0.01859EPSS

Exploits2References1

CVE•added 2022/09/08 11:38 p.m.•69 views

CVE-2022-40297

UBports Ubuntu Touch 16.04 is affected by CVE-2022-40297 where the screen-unlock 4-digit passcode is usable as the sudo password, enabling privilege escalation to a privileged shell. The root cause described across sources is that a four-digit screen unlock code can be exploited to gain root via ...

7.8CVSS7.4AI score0.01859EPSS

Exploits2References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by