Lucene search
K

10 matches found

NVD
NVD
added 2026/04/11 1:16 a.m.7 views

CVE-2026-4155

ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploi...

7.5CVSS0.00566EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/11 12:16 a.m.39 views

CVE-2026-4155 ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability

ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploi...

7.5CVSS0.00566EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/11 12:16 a.m.5 views

CVE-2026-4155

ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploi...

7.5CVSS7.1AI score0.00566EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/11 12:16 a.m.4 views

CVE-2026-4155 ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability

ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploi...

7.5CVSS5.7AI score0.00566EPSS
Exploits0References1
CVE
CVE
added 2026/04/11 12:16 a.m.18 views

CVE-2026-4155

ChargePoint Home Flex is affected. The flaw is in the genpw script where a secret cryptographic seed is embedded, allowing remote disclosure of stored credentials without authentication. This vulnerability enables information disclosure on affected installations. No remediation version is specifi...

7.5CVSS7.1AI score0.00566EPSS
Exploits0References1Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2026/03/16 12:0 a.m.4 views

(Pwn2Own) ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the genpw script. The issue results from the inclusion o...

7.5CVSS5.8AI score0.00566EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/12/09 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2022:4378-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.00307EPSS
Exploits0References2
OSV
OSV
added 2022/12/08 5:34 p.m.4 views

SUSE-SU-2022:4378-1 Security update for rabbitmq-server

This update for rabbitmq-server fixes the following issues: - CVE-2022-31008: Fixed predictable secret seed in URI encryption bsc1205267...

7.5CVSS7.5AI score0.00307EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2022/03/25 9:31 a.m.20 views

Experts Uncover Campaign Stealing Cryptocurrency from Android and iPhone Users

Researchers have blown the lid off a sophisticated malicious scheme primarily targeting Chinese users via copycat apps on Android and iOS that mimic legitimate digital wallet services to siphon cryptocurrency funds. "These malicious apps were able to steal victims' secret seed phrases by...

6.5AI score
Exploits0
OpenSSL
OpenSSL
added 2016/03/01 12:0 a.m.55 views

Vulnerability in OpenSSL - Memory leak in SRP database lookups

The SRP user database lookup method SRPVBASEgetbyuser had confusing memory management semantics; the returned pointer was sometimes newly allocated, and sometimes owned by the callee. The calling code has no way of distinguishing these two cases. Specifically, SRP servers that configure a secret...

7.5AI score0.24409EPSS
Exploits1Affected Software1
Rows per page
Query Builder