Total: 157 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-38890 | 1 Horizoncloud | 1 Caterease | 2024-08-07 | 8.4 High |
An issue in Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 and possibly later versions allows a local attacker to perform an Authentication Bypass by Capture-replay attack due to insufficient protection against capture-replay attacks. | ||||
CVE-2013-1351 | 1 Veraxsystems | 1 Network Management System | 2024-08-06 | 5.9 Medium |
Verax NMS prior to 2.10 allows authentication via the encrypted password without knowing the cleartext password. | ||||
CVE-2015-8138 | 2 Ntp, Redhat | 2 Ntp, Enterprise Linux | 2024-08-06 | N/A |
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero. | ||||
CVE-2015-8140 | 1 Ntp | 1 Ntp | 2024-08-06 | N/A |
The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network. | ||||
CVE-2015-7973 | 5 Canonical, Freebsd, Netapp and 2 more | 9 Ubuntu Linux, Freebsd, Clustered Data Ontap and 6 more | 2024-08-06 | 6.5 Medium |
NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network. | ||||
CVE-2017-6823 | 1 Fiyo | 1 Fiyo Cms | 2024-08-05 | N/A |
Fiyo CMS 2.0.6.1 allows remote authenticated users to gain privileges via a modified level parameter to dapur/ in an app=user&act=edit action. | ||||
CVE-2017-6034 | 1 Schneider-electric | 2 Modbus, Modbus Firmware | 2024-08-05 | N/A |
An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon Modbus Protocol. Sensitive information is transmitted in cleartext in the Modicon Modbus protocol, which may allow an attacker to replay the following commands: run, stop, upload, and download. | ||||
CVE-2017-5251 | 1 Insteon | 2 Insteon Hub, Insteon Hub Firmware | 2024-08-05 | N/A |
In version 1012 and prior of Insteon's Insteon Hub, the radio transmissions used for communication between the hub and connected devices are not encrypted. | ||||
CVE-2017-3191 | 2 D-link, Dlink | 4 Dir-130 Firmware, Dir-330 Firmware, Dir-130 and 1 more | 2024-08-05 | N/A |
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to authentication bypass of the remote login page. A remote attacker that can access the remote management login page can manipulate the POST request in such a manner as to access some administrator-only pages such as tools_admin.asp without credentials. | ||||
CVE-2018-19025 | 1 Juuko | 2 K-808, K-808 Firmware | 2024-08-05 | 9.8 Critical |
In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command, which could be executed on the K-808 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.). | ||||
CVE-2018-17932 | 1 Juuko | 2 K-800, K-800 Firmware | 2024-08-05 | 9.8 Critical |
JUUKO K-800 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.) is vulnerable to a replay attack and command forgery, which could allow attackers to replay commands, control the device, view commands, or cause the device to stop running. | ||||
CVE-2018-16242 | 1 O.bike | 3 Obike-stationless Bike Sharing, Smart Locker, Smart Locker Firmware | 2024-08-05 | N/A |
oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy (BLE) to replay ciphertext based on a predictable nonce used in the locking protocol. | ||||
CVE-2018-15498 | 1 Ysoft | 2 Safeq Server, Safeq Server Client | 2024-08-05 | N/A |
YSoft SafeQ Server 6 allows a replay attack. | ||||
CVE-2018-13789 | 1 Descor | 1 Infocad Fm | 2024-08-05 | N/A |
An issue was discovered in Descor Infocad FM before 3.1.0.0. An unauthenticated web service allows the retrieval of files on the web server and on reachable SMB servers. | ||||
CVE-2018-7356 | 1 Zte | 2 Zxr10 8905e, Zxr10 8905e Firmware | 2024-08-05 | N/A |
All versions up to V3.03.10.B23P2 of the ZTE ZXR10 8905E product are impacted by a TCP Initial Sequence Number (ISN) reuse vulnerability, which can generate easily predictable ISNs and allows remote attackers to spoof connections. | ||||
CVE-2019-20626 | 1 Honda | 2 Hr-v 2017, Hr-v 2017 Firmware | 2024-08-05 | 6.5 Medium |
The remote keyless system on Honda HR-V 2017 vehicles sends the same RF signal for each door-open request, which might allow a replay attack. | ||||
CVE-2019-18226 | 1 Honeywell | 128 H2w2gr1, H2w2gr1 Firmware, H2w2pc1m and 125 more | 2024-08-05 | 9.8 Critical |
Honeywell equIP series and Performance series IP cameras and recorders have a potential replay attack vulnerability, as a weak authentication method is retained for compatibility with legacy products. | ||||
CVE-2019-13533 | 1 Omron | 2 Plc Cj Firmware, Plc Cs Firmware | 2024-08-04 | 8.1 High |
In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves. | ||||
CVE-2019-12887 | 1 Keyidentity | 1 Linotp | 2024-08-04 | N/A |
KeyIdentity LinOTP before 2.10.5.3 has Incorrect Access Control (issue 1 of 2). | ||||
CVE-2019-12393 | 1 Anviz | 1 Management System | 2024-08-04 | 7.5 High |
Anviz access control devices are vulnerable to replay attacks which could allow attackers to intercept and replay open door requests. |