Monthly
Tenable OT contains an SSH misconfiguration that permits unauthorized disclosure of socket, port, and service information through the ostunnel user account and improper GatewayPorts settings. This vulnerability affects Tenable Operation Technology across multiple versions and allows attackers to enumerate underlying system architecture and network configuration without requiring high privileges or complex exploitation. While no CVSS score, EPSS data, or confirmed active exploitation is publicly documented, the information disclosure nature of this vulnerability enables reconnaissance for subsequent targeted attacks.
A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Access permission verification vulnerability in the Settings module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Permission verification vulnerability in the wpa_supplicant module Impact: Successful exploitation of this vulnerability will affect availability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Vulnerability of configuration defects in the media module of certain products.. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability of insecure signatures in the OsuLogin module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Tenable OT contains an SSH misconfiguration that permits unauthorized disclosure of socket, port, and service information through the ostunnel user account and improper GatewayPorts settings. This vulnerability affects Tenable Operation Technology across multiple versions and allows attackers to enumerate underlying system architecture and network configuration without requiring high privileges or complex exploitation. While no CVSS score, EPSS data, or confirmed active exploitation is publicly documented, the information disclosure nature of this vulnerability enables reconnaissance for subsequent targeted attacks.
A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Access permission verification vulnerability in the Settings module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Permission verification vulnerability in the wpa_supplicant module Impact: Successful exploitation of this vulnerability will affect availability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Vulnerability of configuration defects in the media module of certain products.. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability of insecure signatures in the OsuLogin module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.