Total
4021 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45173 | 1 Liveboxcloud | 1 Vdesk | 2025-02-07 | N/A | 9.8 CRITICAL |
| An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication can occur under the /api/v1/vdeskintegration/challenge endpoint. Because only the client-side verifies whether a check was successful, an attacker can modify the response, and fool the application into concluding that the TOTP was correct. | |||||
| CVE-2023-38096 | 1 Netgear | 1 Prosafe Network Management System | 2025-02-06 | N/A | 9.8 CRITICAL |
| NETGEAR ProSAFE Network Management System MyHandlerInterceptor Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of NETGEAR ProSAFE Network Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MyHandlerInterceptor class. The issue results from improper implementation of the authentication mechanism. An attacker can leverage this vulnerability to bypass authentication on the system. . Was ZDI-CAN-19718. | |||||
| CVE-2022-48314 | 1 Huawei | 2 Emui, Harmonyos | 2025-02-06 | N/A | 6.5 MEDIUM |
| The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality. | |||||
| CVE-2021-40507 | 1 Openrisc | 2 Or1200, Or1200 Firmware | 2025-02-06 | N/A | 9.8 CRITICAL |
| An issue was discovered in the ALU unit of the OR1200 (aka OpenRISC 1200) processor 2011-09-10 through 2015-11-11. The overflow flag is not being updated correctly for the subtract instruction, which results in an incorrect value in the overflow flag. Any software that relies on this flag may experience corruption in execution. | |||||
| CVE-2021-40506 | 1 Openrisc | 2 Or1200, Or1200 Firmware | 2025-02-06 | N/A | 9.8 CRITICAL |
| An issue was discovered in the ALU unit of the OR1200 (aka OpenRISC 1200) processor 2011-09-10 through 2015-11-11. The overflow flag is not being updated for the msb and mac instructions, which results in an incorrect value in the overflow flag. Any software that relies on this flag may experience corruption in execution. | |||||
| CVE-2024-48445 | 2025-02-06 | N/A | 9.8 CRITICAL | ||
| An issue in compop.ca ONLINE MALL v.3.5.3 allows a remote attacker to execute arbitrary code via the rid, tid, et, and ts parameters. | |||||
| CVE-2024-10963 | 2025-02-06 | N/A | 7.4 HIGH | ||
| A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals. | |||||
| CVE-2022-37345 | 1 Intel | 16 Nuc Kit Nuc5i3ryh, Nuc Kit Nuc5i3ryh Firmware, Nuc Kit Nuc5i3ryhs and 13 more | 2025-02-05 | N/A | 7.8 HIGH |
| Improper authentication in BIOS firmware[A1] for some Intel(R) NUC Kits before version RY0386 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-29893 | 1 Intel | 1 Active Management Technology Firmware | 2025-02-05 | N/A | 8.1 HIGH |
| Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an authenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2022-27874 | 1 Intel | 2 Xmm 7560, Xmm 7560 Firmware | 2025-02-05 | N/A | 6.8 MEDIUM |
| Improper authentication in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access. | |||||
| CVE-2022-26845 | 1 Intel | 1 Active Management Technology Firmware | 2025-02-05 | N/A | 8.7 HIGH |
| Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2022-26508 | 1 Intel | 1 Server Debug And Provisioning Tool | 2025-02-05 | N/A | 4.3 MEDIUM |
| Improper authentication in the Intel(R) SDP Tool before version 3.0.0 may allow an unauthenticated user to potentially enable information disclosure via network access. | |||||
| CVE-2022-21794 | 1 Intel | 10 Nuc 8 Business Nuc8i7hnkqc, Nuc 8 Business Nuc8i7hnkqc Firmware, Nuc 8 Enthusiast Nuc8i7hvkva and 7 more | 2025-02-05 | N/A | 7.7 HIGH |
| Improper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-33159 | 1 Intel | 1 Active Management Technology Firmware | 2025-02-05 | N/A | 7.4 HIGH |
| Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-33076 | 1 Intel | 60 Ssd 600p, Ssd 600p Firmware, Ssd 660p and 57 more | 2025-02-05 | N/A | 5.3 MEDIUM |
| Improper authentication in firmware for some Intel(R) SSD DC Products may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||||
| CVE-2022-36370 | 1 Intel | 4 Nuc Board Nuc5i3mybe, Nuc Board Nuc5i3mybe Firmware, Nuc Kit Nuc5i3myhe and 1 more | 2025-02-05 | N/A | 7.5 HIGH |
| Improper authentication in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-51478 | 1 Buildapp | 1 Build App Online | 2025-02-05 | N/A | 9.8 CRITICAL |
| Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19. | |||||
| CVE-2023-48747 | 1 Booster | 1 Booster For Woocommerce | 2025-02-05 | N/A | 6.5 MEDIUM |
| Improper Authentication vulnerability in Pluggabl LLC Booster for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booster for WooCommerce: from n/a through 7.1.2. | |||||
| CVE-2023-47504 | 1 Elementor | 1 Website Builder | 2025-02-05 | N/A | 7.5 HIGH |
| Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Elementor Website Builder: from n/a through 3.16.4. | |||||
| CVE-2024-12510 | 2025-02-03 | N/A | 6.7 MEDIUM | ||
| If LDAP settings are accessed, authentication could be redirected to another server, potentially exposing credentials. This requires admin access and an active LDAP setup. | |||||