Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (2345 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-23901 | 1 Seiko-sol | 4 Skybridge Basic Mb-a130, Skybridge Basic Mb-a130 Firmware, Skybridge Mb-a200 and 1 more | 2025-01-28 | 4.8 Medium |
| Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdrop on or alter the communication sent to the WebUI of the product. | ||||
| CVE-2024-22092 | 1 Openatom | 1 Openharmony | 2025-01-27 | 7.7 High |
| in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action. | ||||
| CVE-2023-27823 | 1 Optoma | 1 1080pstx | 2025-01-24 | 9.8 Critical |
| An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration console without valid credentials. | ||||
| CVE-2023-31151 | 1 Selinc | 20 Sel-2241 Rtac Module, Sel-2241 Rtac Module Firmware, Sel-3350 and 17 more | 2025-01-24 | 4.7 Medium |
| An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote unauthenticated attacker to conduct a man-in-the-middle (MitM) attack. See SEL Service Bulletin dated 2022-11-15 for more details. | ||||
| CVE-2024-3848 | 1 Lfprojects | 1 Mlflow | 2025-01-24 | 7.5 High |
| A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a bypass for the previously addressed CVE-2023-6909. The vulnerability arises from the application's handling of artifact URLs, where a '#' character can be used to insert a path into the fragment, effectively skipping validation. This allows an attacker to construct a URL that, when processed, ignores the protocol scheme and uses the provided path for filesystem access. As a result, an attacker can read arbitrary files, including sensitive information such as SSH and cloud keys, by exploiting the way the application converts the URL into a filesystem path. The issue stems from insufficient validation of the fragment portion of the URL, leading to arbitrary file read through path traversal. | ||||
| CVE-2023-32994 | 1 Jenkins | 1 Saml Single Sign On | 2025-01-23 | 3.7 Low |
| Jenkins SAML Single Sign On(SSO) Plugin 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections. | ||||
| CVE-2023-2780 | 1 Lfprojects | 1 Mlflow | 2025-01-22 | 9.8 Critical |
| Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1. | ||||
| CVE-2022-45457 | 2 Acronis, Microsoft | 3 Agent, Cyber Protect, Windows | 2025-01-22 | 7.5 High |
| Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows) before build 29633, Acronis Cyber Protect 15 (Windows) before build 30984. | ||||
| CVE-2022-45458 | 4 Acronis, Apple, Linux and 1 more | 5 Agent, Cyber Protect, Macos and 2 more | 2025-01-22 | 7.5 High |
| Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 29633, Acronis Cyber Protect 15 (Windows, macOS, Linux) before build 30984. | ||||
| CVE-2024-52534 | 1 Dell | 1 Elastic Cloud Storage | 2025-01-21 | 5.4 Medium |
| Dell ECS, version(s) prior to ECS 3.8.1.3, contain(s) an Authentication Bypass by Capture-replay vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Session theft. | ||||
| CVE-2023-20881 | 1 Cloudfoundry | 3 Capi-release, Cf-deployment, Loggregator-agent | 2025-01-21 | 8.1 High |
| Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user to override the private key and add or modify a certificate authority used for the connection. | ||||
| CVE-2023-31762 | 1 Mydigoo | 2 Dg-hamb, Dg-hamb Firmware | 2025-01-17 | 7.5 High |
| Weak security in the transmitter of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to gain full access to the system via a code replay attack. | ||||
| CVE-2023-31761 | 1 Blitzwolf | 2 Bw-is22, Bw-is22 Firmware | 2025-01-17 | 7.5 High |
| Weak security in the transmitter of Blitzwolf BW-IS22 Smart Home Security Alarm v1.0 allows attackers to gain full access to the system via a code replay attack. | ||||
| CVE-2023-31759 | 1 Keruistore | 2 Kerui W18, Kerui W18 Firmware | 2025-01-17 | 7.5 High |
| Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full access via a code replay attack. | ||||
| CVE-2023-31763 | 1 Agshome Smart Alarm Project | 2 Agshome Smart Alarm, Agshome Smart Alarm Firmware | 2025-01-17 | 7.5 High |
| Weak security in the transmitter of AGShome Smart Alarm v1.0 allows attackers to gain full access to the system via a code replay attack. | ||||
| CVE-2023-0104 | 1 Weintek | 1 Easybuilder Pro | 2025-01-16 | 9.3 Critical |
| The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data. | ||||
| CVE-2023-36857 | 1 Bakerhughes | 2 Bentley Nevada 3500 System, Bentley Nevada 3500 System Firmware | 2025-01-16 | 5.4 Medium |
| Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a replay vulnerability which could allow an attacker to replay older captured packets of traffic to the device to gain access. | ||||
| CVE-2023-2887 | 1 Cbot | 2 Cbot Core, Cbot Panel | 2025-01-16 | 9.8 Critical |
| Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. | ||||
| CVE-2023-1664 | 1 Redhat | 8 Amq Broker, Build Of Quarkus, Jboss A-mq and 5 more | 2025-01-15 | 6.5 Medium |
| A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If this happens and the KC_SPI_TRUSTSTORE_FILE_FILE variable is missing/misconfigured, any trustfile may be accepted with the logging information of "Cannot validate client certificate trust: Truststore not available". This may not impact availability as the attacker would have no access to the server, but consumer applications Integrity or Confidentiality may be impacted considering a possible access to them. Considering the environment is correctly set to use "Revalidate Client Certificate" this flaw is avoidable. | ||||
| CVE-2023-28321 | 6 Apple, Debian, Fedoraproject and 3 more | 17 Macos, Debian Linux, Fedora and 14 more | 2025-01-15 | 5.9 Medium |
| An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`. | ||||