Lucene search
K

86 matches found

Amazon
Amazon
added 2024/11/01 12:0 a.m.14 views

Important: qt5-qtlocation

Issue Overview: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted signal has not ye...

8.6CVSS7.8AI score0.00494EPSS
Exploits0
Amazon
Amazon
added 2024/11/01 12:0 a.m.10 views

Important: qt5-qtimageformats

Issue Overview: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted signal has not ye...

8.6CVSS7.8AI score0.00494EPSS
Exploits0
Amazon
Amazon
added 2024/11/01 12:0 a.m.17 views

Important: qt5-qtconnectivity

Issue Overview: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted signal has not ye...

8.6CVSS7.8AI score0.00494EPSS
Exploits0
Amazon
Amazon
added 2024/11/01 12:0 a.m.4 views

Important: qt5-qtconnectivity

Issue Overview: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted signal has not ye...

8.6CVSS7.3AI score0.00494EPSS
Exploits0
Amazon
Amazon
added 2024/11/01 12:0 a.m.10 views

Important: qt5-qtxmlpatterns

Issue Overview: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted signal has not ye...

8.6CVSS7.8AI score0.00494EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/07/05 2:49 a.m.27 views

CVE-2024-39936

A vulnerability was found in Qt where, during a TLS connection for servers supporting HTTP2, Qt may send data to a server even if the TLS certificate doesn't match the redirected address. This occurs because Qt fails to validate the certificate against the redirected address, potentially sending...

8.6CVSS6.7AI score0.00494EPSS
Exploits0References4
OSV
OSV
added 2024/07/04 9:15 p.m.1 views

DEBIAN-CVE-2024-39936

An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted signal has not yet been emitted a...

5.9CVSS7.9AI score0.00494EPSS
Exploits0References1
NVD
NVD
added 2023/12/18 10:15 p.m.24 views

CVE-2023-46686

A reliance on untrusted inputs in a security decision could be exploited by a privileged user to configure the Gallagher Command Centre Diagnostics Service to use less secure communication protocols. This issue affects: Gallagher Diagnostics Service prior to v1.3.0 distributed in 9.00.1507MR1...

7.1CVSS0.00523EPSS
Exploits0References1
Prion
Prion
added 2023/12/18 10:15 p.m.20 views

Design/Logic Flaw

A reliance on untrusted inputs in a security decision could be exploited by a privileged user to configure the Gallagher Command Centre Diagnostics Service to use less secure communication protocols. This issue affects: Gallagher Diagnostics Service prior to v1.3.0 distributed in 9.00.1507MR1...

5.5CVSS7.2AI score0.00523EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/18 10:1 p.m.30 views

CVE-2023-46686

A reliance on untrusted inputs in a security decision could be exploited by a privileged user to configure the Gallagher Command Centre Diagnostics Service to use less secure communication protocols. This issue affects: Gallagher Diagnostics Service prior to v1.3.0 distributed in 9.00.1507MR1...

5.5CVSS7.1AI score0.00523EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/12/18 10:1 p.m.13 views

CVE-2023-46686

A reliance on untrusted inputs in a security decision could be exploited by a privileged user to configure the Gallagher Command Centre Diagnostics Service to use less secure communication protocols. This issue affects: Gallagher Diagnostics Service prior to v1.3.0 distributed in 9.00.1507MR1...

5.5CVSS7AI score0.00523EPSS
Exploits0References1
CVE
CVE
added 2023/12/18 10:1 p.m.53 views

CVE-2023-46686

The CVE-2023-46686 affects the Gallagher Command Centre Diagnostics Service (prior to v1.3.0, distributed in 9.00.1507(MR1)). The issue is a reliance on untrusted inputs within a security decision that can allow a privileged user to configure the Diagnostics Service to use less secure communicati...

7.1CVSS6.9AI score0.00523EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/06/13 11:50 a.m.16 views

CVE-2023-3050 Authentication Bypass in TMT's Lockcell

Reliance on Cookies without Validation and Integrity Checking in a Security Decision vulnerability in TMT Lockcell allows Privilege Abuse, Authentication Bypass. This issue affects Lockcell: before 15...

9.8CVSS9.8AI score0.01314EPSS
Exploits1References3
CVE
CVE
added 2023/06/13 11:50 a.m.45 views

CVE-2023-3050

Summary: CVE-2023-3050 affects TMT Lockcell prior to version 15, due to reliance on cookies without validation or integrity checking in security decisions, allowing privilege abuse and authentication bypass. Affected product: Lockcell (TMT Lockcell) prior to v15. Vulnerability details (from provi...

9.8CVSS7.3AI score0.01314EPSS
Exploits1References3Affected Software1
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/04/24 12:0 a.m.11 views

Unified Cybersecurity Platform: Why CISOs are Shifting

Our global study polled more than 2,300 IT security decision makers to discover how to best assist and support SecOps teams with a unified cybersecurity platform so you can be more resilient with less resources...

2.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/03/16 8:0 a.m.116 views

Build Your 2022 Cybersecurity Plan With This Free PPT Template

The end of the year is coming, and it's time for security decision-makers to make plans for 2022 and get management approval. Typically, this entails making a solid case regarding why current resources, while yielding significant value, need to be reallocated and enhanced. The Definitive 2022...

0.4AI score
Exploits0
Prion
Prion
added 2022/03/09 5:15 p.m.17 views

Security feature bypass

A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build service allowed attackers to present users with a expected login form that then sends the clear text credentials to an attacker specified server. This issue affects: openSUSE Build service...

6.8CVSS8.4AI score0.00895EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/03/09 4:26 p.m.99 views

CVE-2021-36777

CVE-2021-36777 affects openSUSE Build service login-proxy-scripts (pre-dc000cdfe9b9b715fb92195b1a57559362f689ef). The issue is a vulnerability in the login-proxy that relies on untrusted inputs, allowing an attacker to present a user with the expected login form and then have clear-text credentia...

8.8CVSS8.3AI score0.00895EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.14 views

Schneider Electric Modicon Controllers Reliance On Untrusted Inputs in a Security Decision (CVE-2018-7850)

A CWE-807: Reliance on Untrusted Inputs in a Security Decision vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause invalid information displayed in Unity Pro software. This plugin only works with Tenable.ot. Please visit...

9.8CVSS6.8AI score0.35039EPSS
Exploits18References4
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/07/28 4:0 p.m.52 views

Zero Trust Adoption Report: How does your organization compare?

From the wide adoption of cloud-based services to the proliferation of mobile devices. From the emergence of advanced new cyberthreats to the recent sudden shift to remote work. The last decade has been full of disruptions that have required organizations to adapt and accelerate their security...

7.3AI score
Exploits0
Rows per page
Query Builder