Total
158 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-12355 | 1 Intel | 1 Trusted Execution Engine | 2024-08-04 | 6.8 Medium |
| Authentication bypass by capture-replay in RPMB protocol message authentication subsystem in Intel(R) TXE versions before 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | ||||
| CVE-2020-10185 | 1 Yubico | 1 Yubikey One Time Password Validation Server | 2024-08-04 | 8.6 High |
| The sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an OTP. NOTE: this issue is potentially relevant to persons outside Yubico who operate a self-hosted OTP validation service with a non-default configuration such as an open sync pool; the issue does NOT affect YubiCloud. | ||||
| CVE-2020-10045 | 1 Siemens | 6 Sicam Mmu, Sicam Mmu Firmware, Sicam Sgu and 3 more | 2024-08-04 | 8.8 High |
| A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An error in the challenge-response procedure could allow an attacker to replay authentication traffic and gain access to protected areas of the web application. | ||||
| CVE-2020-9438 | 1 Tinxy | 2 Smart Wifi Door Lock, Smart Wifi Door Lock Firmware | 2024-08-04 | 5.9 Medium |
| Tinxy Door Lock with firmware before 3.2 allow attackers to unlock a door by replaying an Unlock request that occurred when the attacker was previously authorized. In other words, door-access revocation is mishandled. | ||||
| CVE-2020-6972 | 1 Honeywell | 1 Notifier Webserver | 2024-08-04 | 9.1 Critical |
| In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser. | ||||
| CVE-2020-5261 | 1 Sustainsys | 1 Saml2 | 2024-08-04 | 8.2 High |
| Saml2 Authentication services for ASP.NET (NuGet package Sustainsys.Saml2) greater than 2.0.0, and less than version 2.5.0 has a faulty implementation of Token Replay Detection. Token Replay Detection is an important defence in depth measure for Single Sign On solutions. The 2.5.0 version is patched. Note that version 1.0.1 is not affected. It has a correct Token Replay Implementation and is safe to use. Saml2 Authentication services for ASP.NET (NuGet package Sustainsys.Saml2) greater than 2.0.0, and less than version 2.5.0 have a faulty implementation of Token Replay Detection. Token Replay Detection is an important defense measure for Single Sign On solutions. The 2.5.0 version is patched. Note that version 1.0.1 and prior versions are not affected. These versions have a correct Token Replay Implementation and are safe to use. | ||||
| CVE-2020-5300 | 1 Ory | 1 Hydra | 2024-08-04 | 5.8 Medium |
| In Hydra (an OAuth2 Server and OpenID Certified™ OpenID Connect Provider written in Go), before version 1.4.0+oryOS.17, when using client authentication method 'private_key_jwt' [1], OpenId specification says the following about assertion `jti`: "A unique identifier for the token, which can be used to prevent reuse of the token. These tokens MUST only be used once, unless conditions for reuse were negotiated between the parties". Hydra does not check the uniqueness of this `jti` value. Exploiting this vulnerability is somewhat difficult because: - TLS protects against MITM which makes it difficult to intercept valid tokens for replay attacks - The expiry time of the JWT gives only a short window of opportunity where it could be replayed This has been patched in version v1.4.0+oryOS.17 | ||||
| CVE-2020-4042 | 1 Bareos | 1 Bareos | 2024-08-04 | 6.8 Medium |
| Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to the director itself leading to the director responding to the replayed challenge. The response obtained is then a valid reply to the directors original challenge. This is fixed in version 19.2.8. | ||||
| CVE-2021-46145 | 1 Honda | 1 Civic 2012 | 2024-08-04 | 5.3 Medium |
| The keyfob subsystem in Honda Civic 2012 vehicles allows a replay attack for unlocking. This is related to a non-expiring rolling code and counter resynchronization. | ||||
| CVE-2021-40170 | 1 Securitashome | 2 Securitashome Alarm System, Securitashome Alarm System Firmware | 2024-08-04 | 6.8 Medium |
| An RF replay attack vulnerability in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BG_U-ITR-F1-BD_BL.A30.20181117, allows an attacker to trigger arbitrary system functionality by replaying previously recorded signals. This lets an adversary, among other things, disarm an armed system. | ||||
| CVE-2021-39364 | 1 Honeywell | 4 Hbw2per1, Hbw2per1 Firmware, Hdzp252di and 1 more | 2024-08-04 | 7.5 High |
| Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow command spoofing (for camera control) after ARP cache poisoning has been achieved. | ||||
| CVE-2021-38827 | 1 Xiongmaitech | 2 Xm-jpr2-lx, Xm-jpr2-lx Firmware | 2024-08-04 | 7.5 High |
| Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to account takeover. | ||||
| CVE-2021-38296 | 2 Apache, Oracle | 2 Spark, Financial Services Crime And Compliance Management Studio | 2024-08-04 | 7.5 High |
| Apache Spark supports end-to-end encryption of RPC connections via "spark.authenticate" and "spark.network.crypto.enabled". In versions 3.1.2 and earlier, it uses a bespoke mutual authentication protocol that allows for full encryption key recovery. After an initial interactive attack, this would allow someone to decrypt plaintext traffic offline. Note that this does not affect security mechanisms controlled by "spark.authenticate.enableSaslEncryption", "spark.io.encryption.enabled", "spark.ssl", "spark.ui.strictTransportSecurity". Update to Apache Spark 3.1.3 or later | ||||
| CVE-2021-35067 | 1 Meross | 2 Msg100, Msg100 Firmware | 2024-08-04 | 8.1 High |
| Meross MSG100 devices before 3.2.3 allow an attacker to replay the same data or similar data (e.g., an attacker who sniffs a Close message can transmit an acceptable Open message). | ||||
| CVE-2021-31958 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-08-03 | 7.5 High |
| Windows NTLM Elevation of Privilege Vulnerability | ||||
| CVE-2021-27572 | 1 Remotemouse | 1 Emote Remote Mouse | 2024-08-03 | 8.1 High |
| An issue was discovered in Emote Remote Mouse through 4.0.0.0. Authentication Bypass can occur via Packet Replay. Remote unauthenticated users can execute arbitrary code via crafted UDP packets even when passwords are set. | ||||
| CVE-2021-26824 | 1 Dm Fingertool Project | 1 Dm Fingertool | 2024-08-03 | 7.1 High |
| DM FingerTool v1.19 in the DM PD065 Secure USB is susceptible to improper authentication by a replay attack, allowing local attackers to bypass user authentication and access all features and data on the USB. | ||||
| CVE-2021-25834 | 1 Chainsafe | 1 Ethermint | 2024-08-03 | 7.5 High |
| Cosmos Network Ethermint <= v0.4.0 is affected by a transaction replay vulnerability in the EVM module. If the victim sends a very large nonce transaction, the attacker can replay the transaction through the application. | ||||
| CVE-2021-25835 | 1 Chainsafe | 1 Ethermint | 2024-08-03 | 7.5 High |
| Cosmos Network Ethermint <= v0.4.0 is affected by a cross-chain transaction replay vulnerability in the EVM module. Since ethermint uses the same chainIDEpoch and signature schemes with ethereum for compatibility, a verified signature in ethereum is still valid in ethermint with the same msg content and chainIDEpoch, which enables "cross-chain transaction replay" attack. | ||||
| CVE-2021-25480 | 2 Google, Qualcomm | 2 Android, Qualcomm | 2024-08-03 | 4.4 Medium |
| A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem prior to SMR Oct-2021 Release 1 can lead to remote denial of service on mobile network connection. | ||||