Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSV
OSVadded 2024/10/03 6:15 p.m.2 views

CVE-2023-37822

The Eufy Homebase 2 before firmware version 3.3.4.1h creates a dedicated wireless network for its ecosystem, which serves as a proxy to the end user's primary network. The WPA2-PSK generation of this dedicated network is flawed and solely based on the serial number. Due to the flawed generation...

8.2CVSS5.8AI score0.0008EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2024/10/03 12:0 a.m.2 views

PT-2024-12651 · Eufy · Eufy Homebase 2

Name of the Vulnerable Software and Affected Versions: Eufy Homebase 2 versions prior to 3.3.4.1h Description: The Eufy Homebase 2 creates a dedicated wireless network for its ecosystem, serving as a proxy to the end user's primary network. The WPA2-PSK generation of this dedicated network is...

8.2CVSS7.5AI score0.0008EPSS
Exploits0References11
Positive Technologies
Positive Technologiesadded 2024/01/02 12:0 a.m.5 views

PT-2024-11551 · Priva · Priva Topcontrol Suite

Name of the Vulnerable Software and Affected Versions: Priva TopControl Suite affected versions not specified Description: The Priva TopControl Suite contains predictable credentials for the SSH service, based on the Serial number. This makes it possible for an attacker to calculate the login...

7.5CVSS7.3AI score0.00126EPSS
Exploits0References7
ICS
ICSadded 2018/09/06 12:0 p.m.28 views

DNP3 Implementation Vulnerability (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-13-291-01A DNP3 Implementation Vulnerability that was published November 21, 2013, on the NCCIC/ICS-CERT web site. Adam Crain of Automatak and Chris Sistrunk, Sr. Consultant for Mandiant, reported an improper input...

6.9AI score
Exploits0References17
CNVD
CNVDadded 2015/11/26 12:0 a.m.2 views

Trust Management Vulnerability in Multiple Arris Devices

The Arris DG860A, TG862A and TG862G are modem products from the Arris Group of Companies. A security vulnerability exists in a number of Arris devices that stems from a program using hard-coded passwords based on serial numbers. The vulnerability can be exploited by a remote attacker to gain acce...

9.3CVSS7.2AI score0.00588EPSS
Exploits0References1
ICS
ICSadded 2013/07/12 6:0 a.m.35 views

Alstom e-Terracontrol DNP3 Master Improper Input Validation (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-13-282-01, Alstom e‑terra control DNP3 Master Improper Input Validation, which was posted to the NCCIC/ICS‑CERT Web site October 09, 2013. Adam Crain of Automatak and independent researcher Chris Sistrunk have...

6.2AI score
Exploits0References10
Rows per page
Query Builder