Total
1029 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-11925 | 1 Luvion | 2 Grand Elite 3 Connect, Grand Elite 3 Connect Firmware | 2024-08-01 | 8.3 HIGH | 8.8 HIGH |
An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Authentication to the device is based on a username and password. The root credentials are the same across all devices of this model. | |||||
CVE-2021-30116 | 1 Kaseya | 2 Vsa Agent, Vsa Server | 2024-07-29 | 7.5 HIGH | 9.8 CRITICAL |
Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. By default Kaseya VSA on premise offers a download page where the clients for the installation can be downloaded. The default URL for this page is https://x.x.x.x/dl.asp When an attacker download a client for Windows and installs it, the file KaseyaD.ini is generated (C:\Program Files (x86)\Kaseya\XXXXXXXXXX\KaseyaD.ini) which contains an Agent_Guid and AgentPassword This Agent_Guid and AgentPassword can be used to log in on dl.asp (https://x.x.x.x/dl.asp?un=840997037507813&pw=113cc622839a4077a84837485ced6b93e440bf66d44057713cb2f95e503a06d9) This request authenticates the client and returns a sessionId cookie that can be used in subsequent attacks to bypass authentication. Security issues discovered --- * Unauthenticated download page leaks credentials * Credentials of agent software can be used to obtain a sessionId (cookie) that can be used for services not intended for use by agents * dl.asp accepts credentials via a GET request * Access to KaseyaD.ini gives an attacker access to sufficient information to penetrate the Kaseya installation and its clients. Impact --- Via the page /dl.asp enough information can be obtained to give an attacker a sessionId that can be used to execute further (semi-authenticated) attacks against the system. | |||||
CVE-2020-29583 | 1 Zyxel | 60 Atp100, Atp100 Firmware, Atp100w and 57 more | 2024-07-26 | 10.0 HIGH | 9.8 CRITICAL |
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges. | |||||
CVE-2017-9248 | 2 Progress, Telerik | 2 Sitefinity, Ui For Asp.net Ajax | 2024-07-25 | 7.5 HIGH | 9.8 CRITICAL |
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading to a MachineKey leak, arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise. | |||||
CVE-2024-38453 | 2024-07-09 | N/A | 7.5 HIGH | ||
The Avalara for Salesforce CPQ app before 7.0 for Salesforce allows attackers to read an API key. NOTE: the current version is 11 as of mid-2024. | |||||
CVE-2024-37051 | 1 Jetbrains | 13 Aqua, Clion, Datagrip and 10 more | 2024-07-05 | N/A | 7.5 HIGH |
GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2024.2 EAP3; PyCharm 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.3, 2024.2 EAP2; Rider 2023.1.7, 2023.2.5, 2023.3.6, 2024.1.3; RubyMine 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP4; RustRover 2024.1.1; WebStorm 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.4 | |||||
CVE-2024-34147 | 2024-07-03 | N/A | 4.3 MEDIUM | ||
Jenkins Telegram Bot Plugin 1.4.0 and earlier stores the Telegram Bot token unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | |||||
CVE-2024-32238 | 2024-07-03 | N/A | 9.8 CRITICAL | ||
H3C ER8300G2-X is vulnerable to Incorrect Access Control. The password for the router's management system can be accessed via the management system page login interface. | |||||
CVE-2024-30119 | 2024-07-03 | N/A | 3.7 LOW | ||
HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header. This could allow an attacker to intercept or manipulate data during redirection. | |||||
CVE-2024-28325 | 2024-07-03 | N/A | 6.1 MEDIUM | ||
Asus RT-N12+ B1 router stores credentials in cleartext, which could allow local attackers to obtain unauthorized access and modify router settings. | |||||
CVE-2023-41926 | 2024-07-02 | N/A | 8.8 HIGH | ||
The webserver utilizes basic authentication for its user login to the configuration interface. As encryption is disabled on port 80, it enables potential eavesdropping on user traffic, making it possible to intercept their credentials. | |||||
CVE-2024-38285 | 2024-06-13 | N/A | N/A | ||
Logs storing credentials are insufficiently protected and can be decoded through the use of open source tools. | |||||
CVE-2024-38282 | 2024-06-13 | N/A | N/A | ||
Utilizing default credentials, an attacker is able to log into the camera's operating system which could allow changes to be made to the operations or shutdown the camera requiring a physical reboot of the system. | |||||
CVE-2024-5657 | 1 Born05 | 1 Two-factor Authentication | 2024-06-11 | N/A | 8.1 HIGH |
The CraftCMS plugin Two-Factor Authentication in versions 3.3.1, 3.3.2 and 3.3.3 discloses the password hash of the currently authenticated user after submitting a valid TOTP. | |||||
CVE-2024-33497 | 2024-06-11 | N/A | 6.3 MEDIUM | ||
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). Affected SIMATIC RTLS Locating Manager Track Viewer Client do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights from the Manager to the Systemadministrator role. | |||||
CVE-2024-33496 | 2024-06-11 | N/A | 6.3 MEDIUM | ||
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). Affected SIMATIC RTLS Locating Manager Report Clients do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights from the Manager to the Systemadministrator role. | |||||
CVE-2022-37783 | 1 Craftcms | 1 Craft Cms | 2024-06-10 | N/A | 7.5 HIGH |
All Craft CMS versions between 3.0.0 and 3.7.32 disclose password hashes of users who authenticate using their E-Mail address or username in Anti-CSRF-Tokens. Craft CMS uses a cookie called CRAFT_CSRF_TOKEN and a HTML hidden field called CRAFT_CSRF_TOKEN to avoid Cross Site Request Forgery attacks. The CRAFT_CSRF_TOKEN cookie discloses the password hash in without encoding it whereas the corresponding HTML hidden field discloses the users' password hash in a masked manner, which can be decoded by using public functions of the YII framework. | |||||
CVE-2024-5176 | 2024-06-05 | N/A | N/A | ||
Insufficiently Protected Credentials vulnerability in Baxter Welch Allyn Configuration Tool may allow Remote Services with Stolen Credentials.This issue affects Welch Allyn Configuration Tool: versions 1.9.4.1 and prior. | |||||
CVE-2024-36127 | 2024-06-03 | N/A | 7.5 HIGH | ||
apko is an apk-based OCI image builder. apko exposures HTTP basic auth credentials from repository and keyring URLs in log output. This vulnerability is fixed in v0.14.5. | |||||
CVE-2023-35348 | 1 Microsoft | 3 Windows Server 2016, Windows Server 2019, Windows Server 2022 | 2024-05-29 | N/A | 6.5 MEDIUM |
Active Directory Federation Service Security Feature Bypass Vulnerability |