Skip to main content

CWE-16

Configuration

85 CVEs Avg CVSS 6.5 MITRE
16
CRITICAL
21
HIGH
42
MEDIUM
6
LOW
12
POC
0
KEV

Monthly

CVE-2026-4433 LOW Monitor

Tenable OT contains an SSH misconfiguration that permits unauthorized disclosure of socket, port, and service information through the ostunnel user account and improper GatewayPorts settings. This vulnerability affects Tenable Operation Technology across multiple versions and allows attackers to enumerate underlying system architecture and network configuration without requiring high privileges or complex exploitation. While no CVSS score, EPSS data, or confirmed active exploitation is publicly documented, the information disclosure nature of this vulnerability enables reconnaissance for subsequent targeted attacks.

Information Disclosure Tenable Operation Technology
NVD VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-20151 MEDIUM This Month

A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Authentication Bypass Cisco Ios Xe Sd Wan
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-46909 CRITICAL Act Now

In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Whatsup Gold
NVD
CVSS 3.1
9.8
EPSS
49.2%
CVE-2024-47294 HIGH This Week

Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-47291 MEDIUM This Month

Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-42031 HIGH This Week

Access permission verification vulnerability in the Settings module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-32991 CRITICAL Act Now

Permission verification vulnerability in the wpa_supplicant module Impact: Successful exploitation of this vulnerability will affect availability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-43088 MEDIUM This Month

Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Dell Precision 7865 Tower Firmware
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2023-39385 CRITICAL Act Now

Vulnerability of configuration defects in the media module of certain products.. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Emui Harmonyos
NVD
CVSS 3.1
9.1
EPSS
0.3%
CVE-2023-39392 HIGH This Week

Vulnerability of insecure signatures in the OsuLogin module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.2%
EPSS 0% CVSS 1.9
LOW Monitor

Tenable OT contains an SSH misconfiguration that permits unauthorized disclosure of socket, port, and service information through the ostunnel user account and improper GatewayPorts settings. This vulnerability affects Tenable Operation Technology across multiple versions and allows attackers to enumerate underlying system architecture and network configuration without requiring high privileges or complex exploitation. While no CVSS score, EPSS data, or confirmed active exploitation is publicly documented, the information disclosure nature of this vulnerability enables reconnaissance for subsequent targeted attacks.

Information Disclosure Tenable Operation Technology
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM This Month

A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Authentication Bypass Cisco +1
NVD
EPSS 49% CVSS 9.8
CRITICAL Act Now

In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Whatsup Gold
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Access permission verification vulnerability in the Settings module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Permission verification vulnerability in the wpa_supplicant module Impact: Successful exploitation of this vulnerability will affect availability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Dell Precision 7865 Tower Firmware
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

Vulnerability of configuration defects in the media module of certain products.. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Emui Harmonyos
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Vulnerability of insecure signatures in the OsuLogin module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy