Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-2646

Malware in sbrugna...

7.5CVSS7.4AI score0.01504EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-2647

Malware in sbrugna...

8.6CVSS8.5AI score0.0145EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-10185

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an OTP. NOTE: this issue is potentially relevant to persons outside...

8.6CVSS7.8AI score0.0145EPSS
Exploits1References2
CNVD
CNVD
added 2020/03/09 12:0 a.m.3 views

Yubico YubiKey Validation Server SQL Injection Vulnerability (CNVD-2020-16073)

Yubico YubiKey Validation Server is an authentication server from the Swedish company Yubico. A SQL injection vulnerability exists in YubiKey Validation Server versions prior to 2.40. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based...

7.5CVSS8.2AI score0.01504EPSS
Exploits1References1
CNVD
CNVD
added 2020/03/09 12:0 a.m.3 views

Unspecified Vulnerability in Yubico YubiKey Validation Server

Yubico YubiKey Validation Server is an authentication server from the Swedish company Yubico. A security vulnerability exists in the sync endpoint in YubiKey Validation Server versions prior to 2.40. A remote attacker could exploit the vulnerability to conduct replay attacks using previously used...

8.6CVSS7AI score0.0145EPSS
Exploits1References1
NVD
NVD
added 2020/03/05 11:15 p.m.13 views

CVE-2020-10185

The sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an OTP. NOTE: this issue is potentially relevant to persons outside Yubico who operate a self-hosted OTP validation service with a non-default configuration such as an open sync pool; the issue does NOT...

8.6CVSS8.4AI score0.0145EPSS
Exploits1References3
OSV
OSV
added 2020/03/05 11:15 p.m.11 views

CVE-2020-10184

The verify endpoint in YubiKey Validation Server before 2.40 does not check the length of SQL queries, which allows remote attackers to cause a denial of service, aka SQL injection. NOTE: this issue is potentially relevant to persons outside Yubico who operate a self-hosted OTP validation service...

7.5CVSS8.6AI score
Exploits0References3
Prion
Prion
added 2020/03/05 11:15 p.m.11 views

Default configuration

The sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an OTP. NOTE: this issue is potentially relevant to persons outside Yubico who operate a self-hosted OTP validation service with a non-default configuration such as an open sync pool; the issue does NOT...

6.8CVSS8.3AI score0.0145EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2020/03/05 11:15 p.m.1 views

UBUNTU-CVE-2020-10185

The sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an OTP. NOTE: this issue is potentially relevant to persons outside Yubico who operate a self-hosted OTP validation service with a non-default configuration such as an open sync pool; the issue does NOT...

8.6CVSS5.8AI score0.0145EPSS
Exploits1References5
CVE
CVE
added 2020/03/05 10:48 p.m.146 views

CVE-2020-10184

CVE-2020-10184 affects YubiKey Validation Server’s verify endpoint (pre-2.40), allowing remote SQL injection to cause DoS on self-hosted OTP validation services (not YubiCloud). Remediation per sources: upgrade to 2.40+; Debian advisory notes fixed in 2.27-1+deb8u1 for Jessie.

7.5CVSS7.8AI score0.01504EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2020/03/05 10:48 p.m.19 views

CVE-2020-10185

Removed by vendor...

8.6CVSS8.6AI score0.0145EPSS
Exploits1
Rows per page
Query Builder