CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SQL injection vulnerability in snow snow v.2.0.0 allows a remote attacker to execute arbitrary code via the dataScope parameter of the system/role/list interface...

6.3CVSS8.7AI score0.01655EPSS

Exploits1References1

NVD•added 2024/05/14 3:42 p.m.•5 views

CVE-2024-4129

Improper Authentication vulnerability in Snow Software AB Snow License Manager on Windows allows a networked attacker to perform an Authentication Bypass if Active Directory Authentication is enabled.This issue affects Snow License Manager: from 9.33.2 through 9.34.0...

8.8CVSS8.7AI score0.00109EPSS

Exploits0References1

CNNVD•added 2024/05/14 12:0 a.m.•1 views

Snow Software Snow License Manager 授权问题漏洞

Snow Software Snow License Manager SLM is the central hub of the Snow Software Asset Management platform from Snow Software, Sweden. An authorization issue vulnerability exists in Snow Software Snow License Manager versions 9.33.2 through 9.34.0 that stems from incorrect authentication and allows...

8.8CVSS6.9AI score0.00109EPSS

Exploits0References3

CVE•added 2024/05/10 6:55 a.m.•20 views

CVE-2024-4129

The provided data confirms CVE-2024-4129: Snow Software AB Snow License Manager for Windows (versions 9.33.2–9.34.0) contains an Improper Authentication flaw that allows a network attacker to bypass authentication when Active Directory Authentication is enabled. Affected component/condition: Snow...

8.8CVSS6.8AI score0.00109EPSS

Exploits0References1

Vulnrichment•added 2024/05/10 6:55 a.m.•10 views

CVE-2024-4129 Authentication bypass in Snow License Manager

8.8CVSS6.9AI score0.00109EPSS

Exploits0References1

NVD•added 2024/02/08 1:15 p.m.•8 views

CVE-2024-1149

Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow Software Inventory Agent on Windows, Snow Software Inventory Agent on Linux allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 6.12.0;...

7.8CVSS7.7AI score0.00019EPSS

Exploits0References1

NVD•added 2024/02/08 1:15 p.m.•12 views

CVE-2024-1150

Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on Unix allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 7.3.1...

7.8CVSS7.7AI score0.00025EPSS

Exploits0References1

Prion•added 2024/02/08 1:15 p.m.•14 views

Information disclosure

1.7CVSS7.2AI score0.00025EPSS

Exploits0References1Affected Software1

Prion•added 2024/02/08 1:15 p.m.•12 views

Information disclosure

1.7CVSS7.2AI score0.00019EPSS

Exploits0References1Affected Software1

Prion•added 2024/02/08 1:15 p.m.•11 views

Design/Logic Flaw

Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows allows Signature Spoof.This issue affects Snow Inventory Agent: through 6.14.5. Customers advised to upgrade to version 7.0...

1.7CVSS7.2AI score0.00008EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/02/08 1:6 p.m.•15 views

CVE-2024-1150 Improper validation of update packages

7.8CVSS7.9AI score0.00025EPSS

Exploits0References1

Vulnrichment•added 2024/02/08 1:6 p.m.•10 views

CVE-2024-1150 Improper validation of update packages

7.8CVSS7AI score0.00025EPSS

Exploits0References1

CVE•added 2024/02/08 1:6 p.m.•39 views

CVE-2024-1150

CVE-2024-1150 : Snow Software Inventory Agent on Unix (versions through 7.3.1) suffers from improper verification of cryptographic signatures in Snow Update Packages, enabling file manipulation via update packages. Root cause: insufficient/incorrect signature validation. Impact: integrity of upda...

7.8CVSS5.6AI score0.00025EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/02/08 1:1 p.m.•11 views

CVE-2024-1149 Improper validation of update packages

7.8CVSS7.8AI score0.00019EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by