Total
713 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-3028 | 1 Hopechart | 2 Hqt401, Hqt401 Firmware | 2024-11-21 | N/A | 8.6 HIGH |
| Insufficient authentication in the MQTT backend (broker) allows an attacker to access and even manipulate the telemetry data of the entire fleet of vehicles using the HopeChart HQT-401 telematics unit. Other models are possibly affected too. Multiple vulnerabilities were identified: - The MQTT backend does not require authentication, allowing unauthorized connections from an attacker. - The vehicles publish their telemetry data (e.g. GPS Location, speed, odometer, fuel, etc) as messages in public topics. The backend also sends commands to the vehicles as MQTT posts in public topics. As a result, an attacker can access the confidential data of the entire fleet that is managed by the backend. - The MQTT messages sent by the vehicles or the backend are not encrypted or authenticated. An attacker can create and post messages to impersonate a vehicle or the backend. The attacker could then, for example, send incorrect information to the backend about the vehicle's location. - The backend can inject data into a vehicle´s CAN bus by sending a specific MQTT message on a public topic. Because these messages are not authenticated or encrypted, an attacker could impersonate the backend, create a fake message and inject CAN data in any vehicle managed by the backend. The confirmed version is 201808021036, however further versions have been also identified as potentially impacted. | |||||
| CVE-2023-39172 | 1 Enbw | 2 Senec Storage Box, Senec Storage Box Firmware | 2024-11-21 | N/A | 9.1 CRITICAL |
| The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated attacker to capture and modify network traffic. | |||||
| CVE-2023-39086 | 1 Asus | 2 Rt-ac66u B1, Rt-ac66u B1 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| ASUS RT-AC66U B1 3.0.0.4.286_51665 was discovered to transmit sensitive information in cleartext. | |||||
| CVE-2023-38276 | 1 Ibm | 1 Cognos Dashboards On Cloud Pak For Data | 2024-11-21 | N/A | 5.9 MEDIUM |
| IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in environment variables which could aid in further attacks against the system. IBM X-Force ID: 260736. | |||||
| CVE-2023-38275 | 1 Ibm | 1 Cognos Dashboards On Cloud Pak For Data | 2024-11-21 | N/A | 5.9 MEDIUM |
| IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in container images which could lead to further attacks against the system. IBM X-Force ID: 260730. | |||||
| CVE-2023-36673 | 1 Avira | 1 Phantom Vpn | 2024-11-21 | N/A | 7.3 HIGH |
| An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel, even if this traffic is not generated by the VPN client, while simultaneously using plaintext DNS to look up the VPN server's IP address. This allows an adversary to trick the victim into sending traffic to arbitrary IP addresses in plaintext outside the VPN tunnel. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to "ServerIP attack, combined with DNS spoofing, that can leak traffic to an arbitrary IP address" rather than to only Avira Phantom VPN. | |||||
| CVE-2023-36672 | 1 Clario | 1 Vpn | 2024-11-21 | N/A | 5.7 MEDIUM |
| An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if the local network is using a non-RFC1918 IP subnet. This allows an adversary to trick the victim into sending arbitrary IP traffic in plaintext outside the VPN tunnel. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to "LocalNet attack resulting in leakage of traffic in plaintext" rather than to only Clario. | |||||
| CVE-2023-36671 | 1 Clario | 1 Vpn | 2024-11-21 | N/A | 6.3 MEDIUM |
| An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel even if this traffic is not generated by the VPN client. This allows an adversary to trick the victim into sending plaintext traffic to the VPN server's IP address and thereby deanonymize the victim. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to "ServerIP attack for only traffic to the real IP address of the VPN server" rather than to only Clario. | |||||
| CVE-2023-35833 | 1 Ysoft | 1 Safeq Server | 2024-11-21 | N/A | 6.5 MEDIUM |
| An issue was discovered in YSoft SAFEQ 6 Server before 6.0.82. When modifying the URL of the LDAP server configuration from LDAPS to LDAP, the system does not require the password to be (re)entered. This results in exposing cleartext credentials when connecting to a rogue LDAP server. NOTE: the vendor originally reported this as a security issue but then reconsidered because of the requirement for Admin access in order to change the configuration. | |||||
| CVE-2023-34998 | 1 Openautomationsoftware | 1 Oas Platform | 2024-11-21 | N/A | 8.1 HIGH |
| An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary authentication. An attacker can sniff network traffic to trigger this vulnerability. | |||||
| CVE-2023-34972 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | N/A | 3.5 LOW |
| A cleartext transmission of sensitive information vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows local network clients to read the contents of unexpected sensitive data via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QuTS hero h5.1.0.2424 build 20230609 and later | |||||
| CVE-2023-34441 | 1 Bakerhughes | 2 Bentley Nevada 3500 System, Bentley Nevada 3500 System Firmware | 2024-11-21 | N/A | 6.8 MEDIUM |
| Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a cleartext transmission vulnerability which could allow an attacker to steal the authentication secret from communication traffic to the device and reuse it for arbitrary requests. | |||||
| CVE-2023-34142 | 3 Hitachi, Linux, Microsoft | 3 Device Manager, Linux Kernel, Windows | 2024-11-21 | N/A | 9.0 CRITICAL |
| Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Interception.This issue affects Hitachi Device Manager: before 8.8.5-02. | |||||
| CVE-2023-33960 | 1 Openproject | 1 Openproject | 2024-11-21 | N/A | 7.5 HIGH |
| OpenProject is web-based project management software. For any OpenProject installation, a `robots.txt` file is generated through the server to denote which routes shall or shall not be accessed by crawlers. These routes contain project identifiers of all public projects in the instance. Prior to version 12.5.6, even if the entire instance is marked as `Login required` and prevents all truly anonymous access, the `/robots.txt` route remains publicly available. Version 12.5.6 has a fix for this issue. Alternatively, users can download a patchfile to apply the patch to any OpenProject version greater than 10.0 As a workaround, one may mark any public project as non-public and give anyone in need of access to the project a membership. | |||||
| CVE-2023-33837 | 1 Ibm | 1 Security Verify Governance | 2024-11-21 | N/A | 4.1 MEDIUM |
| IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before storage or transmission. IBM X-Force ID: 256020. | |||||
| CVE-2023-33187 | 1 Highlight | 1 Highlight | 2024-11-21 | N/A | 5.4 MEDIUM |
| Highlight is an open source, full-stack monitoring platform. Highlight may record passwords on customer deployments when a password html input is switched to `type="text"` via a javascript "Show Password" button. This differs from the expected behavior which always obfuscates `type="password"` inputs. A customer may assume that switching to `type="text"` would also not record this input; hence, they would not add additional `highlight-mask` css-class obfuscation to this part of the DOM, resulting in unintentional recording of a password value when a `Show Password` button is used. This issue was patched in version 6.0.0. This patch tracks changes to the `type` attribute of an input to ensure an input that used to be a `type="password"` continues to be obfuscated. | |||||
| CVE-2023-32328 | 1 Ibm | 1 Security Verify Access | 2024-11-21 | N/A | 7.5 HIGH |
| IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances that could allow an attacker on the network to take control of the server. IBM X-Force Id: 254957. | |||||
| CVE-2023-31823 | 1 Marui | 1 Marui | 2024-11-21 | N/A | 7.5 HIGH |
| An issue found in Marui Co Marui Official app v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Marui Official Store function. | |||||
| CVE-2023-31410 | 1 Sick | 1 Sick Eventcam App | 2024-11-21 | N/A | 9.8 CRITICAL |
| A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security (TLS) in the SICK EventCam App. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can exploit this weakness to eavesdrop on the communication between the EventCam App and the Client, and potentially manipulate the data being transmitted. | |||||
| CVE-2023-31193 | 1 Snapone | 1 Orvc | 2024-11-21 | N/A | 7.5 HIGH |
| Snap One OvrC Pro versions prior to 7.3 use HTTP connections when downloading a program from their servers. Because they do not use HTTPS, OvrC Pro devices are susceptible to exploitation. | |||||