Total
157 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-22066 | 1 Zte | 8 Zxr10 160, Zxr10 160 Firmware, Zxr10 1800-2s and 5 more | 2024-11-08 | 7.5 High |
| There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use the vulnerability to obtain sensitive information about the device. | ||||
| CVE-2024-45244 | 1 Hyperledger | 1 Fabric | 2024-10-30 | 5.3 Medium |
| Hyperledger Fabric through 2.5.9 does not verify that a request has a timestamp within the expected time window. | ||||
| CVE-2024-3982 | 2 Hitachi, Hitachienergy | 2 Microscada X Sys600, Microscada X Sys600 | 2024-10-30 | 8.2 High |
| An attacker with local access to machine where MicroSCADA X SYS600 is installed, could enable the session logging supporting the product and try to exploit a session hijacking of an already established session. By default, the session logging level is not enabled and only users with administrator rights can enable it. | ||||
| CVE-2023-34625 | 1 Showmojo | 2 Mojobox, Mojobox Firmware | 2024-10-30 | 8.1 High |
| ShowMojo MojoBox Digital Lockbox 1.4 is vulnerable to Authentication Bypass. The implementation of the lock opening mechanism via Bluetooth Low Energy (BLE) is vulnerable to replay attacks. A malicious user is able to intercept BLE requests and replicate them to open the lock at any time. Alternatively, an attacker with physical access to the device on which the Android app is installed, can obtain the latest BLE messages via the app logs and use them for opening the lock. | ||||
| CVE-2023-30909 | 2 Hp, Hpe | 3 Oneview, Oneview, Oneview Global Dashboard | 2024-10-28 | 9.8 Critical |
| A remote authentication bypass issue exists in some OneView APIs. | ||||
| CVE-2023-49231 | 1 Stilog | 1 Visual Planning 8 | 2024-10-28 | 9.8 Critical |
| An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unauthenticated attacker to receive an administrative API token. | ||||
| CVE-2023-20123 | 1 Cisco | 2 Duo, Duo Authentication For Windows Logon And Rdp | 2024-10-28 | 6.3 Medium |
| A vulnerability in the offline access mode of Cisco Duo Two-Factor Authentication for macOS and Duo Authentication for Windows Logon and RDP could allow an unauthenticated, physical attacker to replay valid user session credentials and gain unauthorized access to an affected macOS or Windows device. This vulnerability exists because session credentials do not properly expire. An attacker could exploit this vulnerability by replaying previously used multifactor authentication (MFA) codes to bypass MFA protection. A successful exploit could allow the attacker to gain unauthorized access to the affected device. | ||||
| CVE-2021-41030 | 1 Fortinet | 1 Forticlient Enterprise Management Server | 2024-10-25 | 5.4 Medium |
| An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below may allow an unauthenticated attacker to impersonate an existing user by intercepting and re-using valid SAML authentication messages. | ||||
| CVE-2023-41890 | 1 Sustainsys | 1 Saml2 | 2024-10-15 | 7.5 High |
| Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider. Prior to versions 1.0.3 and 2.9.2, when a response is processed, the issuer of the Identity Provider is not sufficiently validated. This could allow a malicious identity provider to craft a Saml2 response that is processed as if issued by another identity provider. It is also possible for a malicious end user to cause stored state intended for one identity provider to be used when processing the response from another provider. An application is impacted if they rely on any of these features in their authentication/authorization logic: the issuer of the generated identity and claims; or items in the stored request state (AuthenticationProperties). This issue is patched in versions 2.9.2 and 1.0.3. The `AcsCommandResultCreated` notification can be used to add the validation required if an upgrade to patched packages is not possible. | ||||
| CVE-2024-46041 | 1 Iothaat | 1 Smart Plug Ih In 16a S | 2024-10-07 | 8.8 High |
| IoT Haat Smart Plug IH-IN-16A-S v5.16.1 is vulnerable to Authentication Bypass by Capture-replay. | ||||
| CVE-2024-39081 | 1 Jktyre | 1 Smart Tyre Car \& Bike | 2024-10-01 | 4.2 Medium |
| An issue in SMART TYRE CAR & BIKE v4.2.0 allows attackers to perform a man-in-the-middle attack via Bluetooth communications. | ||||
| CVE-2024-5249 | 1 Perforce | 1 Akana Api | 2024-10-01 | 5.4 Medium |
| In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed. | ||||
| CVE-2023-39373 | 1 Hyundai | 2 Hyundai 2017, Hyundai 2017 Firmware | 2024-09-27 | 7.4 High |
| A Hyundai model (2017) - CWE-294: Authentication Bypass by Capture-replay. | ||||
| CVE-2024-34065 | 1 Strapi | 1 Strapi | 2024-09-26 | 7.1 High |
| Strapi is an open-source content management system. By combining two vulnerabilities (an `Open Redirect` and `session token sent as URL query parameter`) in @strapi/plugin-users-permissions before version 4.24.2, is its possible of an unauthenticated attacker to bypass authentication mechanisms and retrieve the 3rd party tokens. The attack requires user interaction (one click). Unauthenticated attackers can leverage two vulnerabilities to obtain an 3rd party token and the bypass authentication of Strapi apps. Users should upgrade @strapi/plugin-users-permissions to version 4.24.2 to receive a patch. | ||||
| CVE-2024-38272 | 1 Google | 1 Nearby | 2024-09-24 | 4.3 Medium |
| There exists a vulnerability in Quick Share/Nearby, where an attacker can bypass the accept file dialog on Quick Share Windows. Normally in Quick Share Windows app we can't send a file without the user accept from the receiving device if the visibility is set to everyone mode or contacts mode. We recommend upgrading to version 1.0.1724.0 of Quick Share or above | ||||
| CVE-2024-8260 | 2 Microsoft, Openpolicyagent | 2 Windows, Open Policy Agent | 2024-09-19 | 6.1 Medium |
| A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s functions. | ||||
| CVE-2024-29851 | 1 Veeam | 1 Backup Enterprise Manager | 2024-09-19 | N/A |
| Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account. | ||||
| CVE-2024-29850 | 1 Veeam | 1 Backup Enterprise Manager | 2024-09-19 | N/A |
| Veeam Backup Enterprise Manager allows account takeover via NTLM relay. | ||||
| CVE-2018-14781 | 1 Medtronicdiabetes | 18 508 Minimed Insulin Pump, 508 Minimed Insulin Pump Firmware, 522 Paradigm Real-time and 15 more | 2024-09-17 | N/A |
| Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G The models identified above, when paired with a remote controller and having the "easy bolus" and "remote bolus" options enabled (non-default), are vulnerable to a capture-replay attack. An attacker can capture the wireless transmissions between the remote controller and the pump and replay them to cause an insulin (bolus) delivery. | ||||
| CVE-2022-40621 | 1 Wavlink | 2 Wn531g3, Wn531g3 Firmware | 2024-09-17 | 7.5 High |
| Because the WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 and earlier communicates over HTTP and not HTTPS, and because the hashing mechanism does not rely on a server-supplied key, it is possible for an attacker with sufficient network access to capture the hashed password of a logged on user and use it in a classic Pass-the-Hash style attack. | ||||