Lucene search
K

1830 matches found

Prion
Prion
added 2022/06/13 3:15 p.m.17 views

Code injection

The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality...

2.1CVSS5.5AI score0.00164EPSS
Exploits0References2Affected Software3
Cvelist
Cvelist
added 2022/06/13 2:55 p.m.20 views

CVE-2022-31756

The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality...

5.8AI score0.00164EPSS
Exploits0References2
CVE
CVE
added 2022/06/13 2:55 p.m.70 views

CVE-2022-31756

CVE-2022-31756 concerns a design defect in the fingerprint sensor module affecting Huawei HarmonyOS (notably HarmonyOS 2.0). The vulnerability is described as enabling potential data confidentiality leakage if exploited. The available connected records corroborate the fingerprint sensor design fl...

5.5CVSS5.5AI score0.00164EPSS
Exploits0References2Affected Software3
Schneier on Security
Schneier on Security
added 2022/06/09 11:22 a.m.15 views

Smartphones and Civilians in Wartime

Interesting article about civilians using smartphones to assist their militaries in wartime, and how that blurs the important legal distinction between combatants and non-combatants: The principle of distinction between the two roles is a critical cornerstone of international humanitarian law­--t...

2.6AI score
Exploits0
Cvelist
Cvelist
added 2022/05/31 7:36 p.m.41 views

CVE-2022-1661 Keysight N6854A Geolocation server and N6841A RF Sensor software

The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files...

7.5CVSS7.7AI score0.1506EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/31 7:34 p.m.28 views

CVE-2022-1660 Keysight N6854A Geolocation server and N6841A RF Sensor software

The affected products are vulnerable of untrusted data due to deserialization without prior authorization/authentication, which may allow an attacker to remotely execute arbitrary code...

9.8CVSS9.9AI score0.15968EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/05/27 12:0 a.m.4 views

多款Keysight Technologies产品代码问题漏洞

Keysight Technologies N6854A Geolocation server and Keysight Technologies N6841A RF Sensor are both products of Keysight Technologies, Inc.Keysight Technologies Keysight Technologies N6854A Geolocation server is a geolocation server.Keysight Technologies N6841A RF Sensor is an RF sensor. It is us...

10CVSS8.9AI score0.15968EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2022/05/27 12:0 a.m.19 views

KeySight N6841A RF Sensor UserFirmwareRequestHandler Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of KeySight N6841A RF Sensor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UserFirmwareRequestHandler class. The issue results from the lack ...

7.5CVSS1AI score0.1506EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/05/27 12:0 a.m.5 views

多款Keysight Technologies产品路径遍历漏洞

Keysight Technologies N6854A Geolocation server and Keysight Technologies N6841A RF Sensor are both products of Keysight Technologies, Inc.Keysight Technologies Keysight Technologies N6854A Geolocation server is a geolocation server.Keysight Technologies N6841A RF Sensor is an RF sensor. It is us...

7.5CVSS7.6AI score0.1506EPSS
Exploits0References4
ICS
ICS
added 2022/05/26 12:0 a.m.50 views

Keysight N6854A Geolocation server and N6841A RF Sensor software

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Keysight Technologies, Inc. Equipment: N6854A Geolocation server and N6841A RF Sensor software Vulnerabilities: Relative Path Traversal, Deserialization of Untrusted Data 2. RISK EVALUATION Successful...

10CVSS9.7AI score0.15968EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/05/17 7:31 p.m.20 views

CVE-2022-0997 Local Privilege Escalation Vulnerability in Fidelis Network and Deception

Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected script files, which could result in arbitrary commands being run as root upon subsequent logon by a...

3.9CVSS7.9AI score0.00502EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/05/17 7:30 p.m.22 views

CVE-2022-24388 Authenticated Privileged Command Injection Vulnerability in Fidelis Network and Deception

Vulnerability in rconfig “date” enables an attacker with user level access to the CLI to inject root level commands into Fidelis Network and Deception CommandPost, Collector, Sensor, and Sandbox components as well as neighboring Fidelis components. The vulnerability is present in Fidelis Network...

8.8CVSS8.8AI score0.01342EPSS
Exploits0References1
CVE
CVE
added 2022/05/17 7:27 p.m.88 views

CVE-2022-24390

The CVE concerns Fidelis Network and Deception products with a vulnerability in rconfig’s remote_text_file that, on versions prior to 9.4.5, allows an attacker with CLI user-level access to inject commands into Fidelis components (CommandPost, Collector, Sensor, Sandbox) and neighboring Fidelis c...

8.8CVSS8.7AI score0.0115EPSS
Exploits0References1Affected Software2
Rockylinux
Rockylinux
added 2022/05/17 6:48 a.m.19 views

new packages: iio-sensor-proxy

An update is available for iio-sensor-proxy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

2.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/05/16 3:30 p.m.6 views

CVE-2022-0997

Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected script files, which could result in arbitrary commands being run as root upon subsequent logon by a...

7.8CVSS7.4AI score0.00502EPSS
Exploits1References2
Kitploit
Kitploit
added 2022/04/13 12:30 p.m.99 views

Melody - A Transparent Internet Sensor Built For Threat Intelligence

Melody Monitor the Internet's background noise Melody is a transparent internet sensor built for threat intelligence and supported by a detection rule framework which allows you to tag packets of interest for further analysis and threat monitoring. Features Here are some key features of Melody :...

9.8CVSS9.9AI score0.99997EPSS
Exploits41References6
OSV
OSV
added 2022/03/18 12:25 a.m.6 views

GSD-2022-1000865 hwmon: Handle failure to register sensor with thermal zone correctly

hwmon: Handle failure to register sensor with thermal zone correctly This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.103 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/03/18 12:15 a.m.20 views

GSD-2022-1000750 hwmon: Handle failure to register sensor with thermal zone correctly

hwmon: Handle failure to register sensor with thermal zone correctly This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.12 by commit...

7.2AI score
Exploits0
CNNVD
CNNVD
added 2022/03/17 12:0 a.m.3 views

UNISOC Chipsets 安全漏洞

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets, which stems from a lack of boundary checking in the sensor driver, resulting in a denial of service...

4.4CVSS5AI score0.00083EPSS
Exploits0References4
Talos
Talos
added 2022/02/28 12:0 a.m.71 views

Swift Sensors Gateway device password generation authentication bypass vulnerability

Summary An authentication bypass vulnerability exists in the device password generation functionality of Swift Sensors Gateway SG3-1010. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Version...

10CVSS10AI score0.05646EPSS
Exploits1
Rows per page
Query Builder