Total
145 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-38314 | 1 Ibm | 1 Maximo Application Suite | 2024-10-25 | 5.9 Medium |
| IBM Maximo Application Suite - Monitor Component 8.10, 8.11, and 9.0 could disclose information in the form of the hard-coded cryptographic key to an attacker that has compromised environment. | ||||
| CVE-2024-20350 | 1 Cisco | 1 Digital Network Architecture Center | 2024-09-27 | 7.5 High |
| A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections, which could allow the attacker to intercept traffic between SSH clients and a Cisco Catalyst Center appliance. A successful exploit could allow the attacker to impersonate the affected appliance, inject commands into the terminal session, and steal valid user credentials. | ||||
| CVE-2024-46612 | 1 Icecms Project | 1 Icecms | 2024-09-26 | 9.8 Critical |
| IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key, allowing an attacker to forge JWT authentication information. | ||||
| CVE-2024-42418 | 2 Avtec, Avtecinc | 5 Outpost 0810, Outpost Uploader Utility, Outpost 0810 and 2 more | 2024-09-04 | 7.5 High |
| Avtec Outpost uses a default cryptographic key that can be used to decrypt sensitive information. | ||||
| CVE-2024-41260 | 1 Netbirdio | 1 Netbird | 2024-08-06 | 7.5 High |
| A static initialization vector (IV) in the encrypt function of netbird v0.28.4 allows attackers to obtain sensitive information. | ||||