Lucene search

11 matches found

EUVD
added 2025/10/03 8:07 p.m. | 8 views

EUVD-2024-54052

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 6.6 | EPSS 0.00594
Exploits: 1 | References: 3

RedhatCVE
added 2025/03/15 8:10 a.m. | 25 views

CVE-2024-53406

Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass. In the reconnection phase, the device reuses the session key from a previous connection session, creating an opportunity for attackers to execute security bypass attacks...

CVSS 8.8 | AI score 7.2 | EPSS 0.00594
Exploits: 1 | References: 1

NVD
added 2025/03/13 5:15 p.m. | 9 views

CVE-2024-53406

Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass. In the reconnection phase, the device reuses the session key from a previous connection session, creating an opportunity for attackers to execute security bypass attacks...

CVSS 8.8 | EPSS 0.00594
Exploits: 1 | References: 2

OSV
added 2025/03/13 5:15 p.m. | 4 views

CVE-2024-53406

Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass. In the reconnection phase, the device reuses the session key from a previous connection session, creating an opportunity for attackers to execute security bypass attacks...

CVSS 8.8 | AI score 7
Exploits: 0 | References: 2

CVE
added 2025/03/13 12:00 a.m. | 52 views

CVE-2024-53406

CVE-2024-53406 affects Espressif ESP-IDF v5.3.0. The issue is described as insecure permissions that enable authentication bypass, with the reconnection phase reusing a prior session key, creating a foothold for security bypass attacks. The documented CVSS v3.1 base score is 8.8 (HIGH) with netwo...

CVSS 8.8 | AI score 7.4 | EPSS 0.00594
Exploits: 1 | References: 2 | Affected Software: 1

Vulnrichment
added 2025/03/13 12:00 a.m. | 9 views

CVE-2024-53406

Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass. In the reconnection phase, the device reuses the session key from a previous connection session, creating an opportunity for attackers to execute security bypass attacks...

AI score 6.9 | EPSS 0.00594
Exploits: 1 | References: 2

Cvelist
added 2025/03/13 12:00 a.m. | 20 views

CVE-2024-53406

Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass. In the reconnection phase, the device reuses the session key from a previous connection session, creating an opportunity for attackers to execute security bypass attacks...

EPSS 0.00594
Exploits: 1 | References: 2

The Hacker News
added 2023/12/04 1:16 p.m. | 70 views

New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks

New research has unearthed multiple novel attacks that break Bluetooth Classic's forward secrecy and future secrecy guarantees, resulting in adversary-in-the-middle (AitM) scenarios between two already connected peers. The issues, collectively named BLUFFS, impact Bluetooth Core Specification 4.2...

CVSS 6.8 | AI score 7.2 | EPSS 0.01297
Exploits: 1

Positive Technologies
added 2023/09/25 12:00 a.m. | 10 views

PT-2023-26679 · Tp Link · Tapo Application +4

Name of the Vulnerable Software and Affected Versions: TPLink Smart Bulb Tapo series L530 versions 1.0.0 through 1.2.3; TPLink Smart Bulb Tapo series L510E versions 1.0.0 through 1.0.9; TPLink Smart Bulb Tapo series L630 versions 1.0.0 through 1.0.3; TPLink Smart Bulb Tapo series P100 versions 1.0.0...

CVSS 7.5 | AI score 7 | EPSS 0.00694
Exploits: 0 | References: 11

CERT
added 2017/10/16 12:00 a.m. | 816 views

Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse

Overview: Wi-Fi Protected Access (WPA, more commonly WPA2) handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a wireless access point (AP) or client. An attacker within range of an affected AP and client may leverage these vulnerabilities to...

CVSS 8.1 | AI score 8 | EPSS 0.04575
Exploits: 1 | References: 3

OSV
added 2014/12/08 11:59 a.m. | 5 views

DEBIAN-CVE-2014-3616

nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key for multiple servers, can reuse a cached SSL session for an unrelated context, which allows remote attackers with certain privileges to conduct "virtual host confusion" attacks...

CVSS 4.3 | AI score 7 | EPSS 0.05654
Exploits: 0 | References: 1