Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
:
ID:
Vulnerability Mapping:
Type:
Status:
DetailsContent HistoryObserved CVE ExamplesReports
0Vulnerabilities found
CVE-2025-40769
Assigner-Siemens
ShareView Details
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.02% / 3.41%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 11:17
Updated-12 Aug, 2025 | 14:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application uses a Content Security Policy that allows unsafe script execution methods. This could allow an attacker to execute unauthorized scripts, potentially leading to cross-site scripting attacks.

Action-Not Available
Vendor-Siemens AG
Product-SINEC Traffic Analyzer
CWE ID-CWE-1164
Irrelevant Code
CVE-2025-4656
Assigner-HashiCorp Inc.
ShareView Details
Assigner-HashiCorp Inc.
CVSS Score-3.1||LOW
EPSS-0.01% / 2.03%
||
7 Day CHG~0.00%
Published-25 Jun, 2025 | 16:15
Updated-13 Aug, 2025 | 18:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Vault Vulnerable to Recovery Key Cancellation Denial of Service

Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability (CVE-2025-4656) has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17, and 1.16.22.

Action-Not Available
Vendor-HashiCorp, Inc.
Product-vaultVaultVault Enterprise
CWE ID-CWE-1088
Synchronous Access of Remote Resource without Timeout
CVE-2025-2919
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-7||HIGH
EPSS-0.01% / 1.99%
||
7 Day CHG-0.02%
Published-28 Mar, 2025 | 17:31
Updated-17 Apr, 2025 | 14:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netis WF-2404 UART hardware allows activation of test or debug logic at runtime

A vulnerability was found in Netis WF-2404 1.1.124EN. It has been declared as critical. This vulnerability affects unknown code of the component UART. The manipulation leads to hardware allows activation of test or debug logic at runtime. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Netis Systems Co., Ltd.
Product-netis_wf-2404netis_wf-2404_firmwareWF-2404
CWE ID-CWE-1313
Hardware Allows Activation of Test or Debug Logic at Runtime
CWE ID-CWE-489
Active Debug Code
CVE-2024-12777
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-5.9||MEDIUM
EPSS-0.06% / 17.09%
||
7 Day CHG~0.00%
Published-20 Mar, 2025 | 10:11
Updated-18 Jul, 2025 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of Service in aimhubio/aim

A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service through the misuse of the sshfs-client. The tracking server, which is single-threaded, can be made unresponsive by requesting it to connect to an unresponsive socket via sshfs. The lack of an additional timeout setting in the sshfs-client causes the server to hang for a significant amount of time, preventing it from responding to other requests.

Action-Not Available
Vendor-aimstackaimhubio
Product-aimaimhubio/aim
CWE ID-CWE-1088
Synchronous Access of Remote Resource without Timeout
CVE-2024-8062
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.5||HIGH
EPSS-0.07% / 23.07%
||
7 Day CHG~0.00%
Published-20 Mar, 2025 | 10:11
Updated-26 Mar, 2025 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of Service in h2oai/h2o-3

A vulnerability in the typeahead endpoint of h2oai/h2o-3 version 3.46.0 allows for a denial of service. The endpoint performs a `HEAD` request to verify the existence of a specified resource without setting a timeout. An attacker can exploit this by sending multiple requests to an attacker-controlled server that hangs, causing the application to block and become unresponsive to other requests.

Action-Not Available
Vendor-h2oh2oai
Product-h2oh2oai/h2o-3
CWE ID-CWE-1088
Synchronous Access of Remote Resource without Timeout
CVE-2024-23485
Assigner-Gallagher Group Ltd.
ShareView Details
Assigner-Gallagher Group Ltd.
CVSS Score-4.6||MEDIUM
EPSS-0.05% / 15.81%
||
7 Day CHG~0.00%
Published-11 Jul, 2024 | 02:38
Updated-01 Aug, 2024 | 23:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation (CWE-1304) in the Controller 6000 and 7000 can lead to secured door locks connected via Aperio Communication Hubs to momentarily allow free access.  This issue affects: Gallagher Controller 6000 and 7000 9.10 prior to vCR9.10.240520a (distributed in 9.10.1268(MR1)), 9.00 prior to vCR9.00.240521a (distributed in 9.00.1990(MR3)),  8.90 prior to vCR8.90.240520a (distributed in 8.90.1947 (MR4)), 8.80 prior to vCR8.80.240520a (distributed in 8.80.1726 (MR5)), 8.70 prior to vCR8.70.240520a (distributed in 8.70.2824 (MR7)), all versions of 8.60 and prior.

Action-Not Available
Vendor-Gallagher Group Ltd.
Product-Controller 6000 and Controller 7000
CWE ID-CWE-1304
Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation
CVE-2024-22064
Assigner-ZTE Corporation
ShareView Details
Assigner-ZTE Corporation
CVSS Score-8.3||HIGH
EPSS-0.12% / 31.49%
||
7 Day CHG~0.00%
Published-10 May, 2024 | 12:28
Updated-28 Jan, 2025 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Configuration error Vulnerability in ZTE ZXUN-ePDG

ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE) with the mobile devices connecting over the internet . If the set of keys are leaked or cracked, the user session informations using the keys may be leaked.

Action-Not Available
Vendor-ZTE Corporation
Product-zxun-epdgZXUN-ePDGzxun-epdg
CWE ID-CWE-1051
Initialization with Hard-Coded Network Resource Configuration Data
CWE ID-CWE-665
Improper Initialization
CVE-2023-5236
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.12% / 31.16%
||
7 Day CHG~0.00%
Published-18 Dec, 2023 | 13:43
Updated-23 Nov, 2024 | 01:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Infinispan: circular reference on marshalling leads to dos

A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. An authenticated attacker with sufficient permissions could insert a maliciously constructed object into the cache and use it to cause out of memory errors and achieve a denial of service.

Action-Not Available
Vendor-infinispanRed Hat, Inc.
Product-jboss_data_gridinfinispandata_gridRed Hat Data Grid 8Red Hat Data Grid 8.4.4
CWE ID-CWE-1047
Modules with Circular Dependencies
CVE-2023-5635
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.23%
||
7 Day CHG~0.00%
Published-01 Dec, 2023 | 13:29
Updated-03 Jun, 2025 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
User Enumeration in ArslanSoft's Education Portal

Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ArslanSoft Education Portal allows Account Footprinting.This issue affects Education Portal: before v1.1.

Action-Not Available
Vendor-arslansoft_education_portal_projectArslanSoft
Product-arslansoft_education_portalEducation Portal
CWE ID-CWE-1320
Improper Protection for Outbound Error Messages and Alert Signals
CVE-2023-5443
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-7.5||HIGH
EPSS-0.07% / 22.84%
||
7 Day CHG~0.00%
Published-27 Oct, 2023 | 13:00
Updated-09 Sep, 2024 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
User Enumeration in EDM Informatic's E-Invoice Software

Improper Protection for Outbound Error Messages and Alert Signals vulnerability in EDM Informatics E-invoice allows Account Footprinting.This issue affects E-invoice: before 2.1.

Action-Not Available
Vendor-e-invoice_projectEDM Informaticsedm_informatics
Product-e-invoiceE-invoicee-invoice
CWE ID-CWE-1320
Improper Protection for Outbound Error Messages and Alert Signals
CVE-2023-5570
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-7.5||HIGH
EPSS-0.07% / 22.84%
||
7 Day CHG~0.00%
Published-27 Oct, 2023 | 11:53
Updated-09 Sep, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
User Enumeration in Inohom's Home Manager Gateway

Improper Protection for Outbound Error Messages and Alert Signals vulnerability in Inohom Home Manager Gateway allows Account Footprinting.This issue affects Home Manager Gateway: before v.1.27.12.

Action-Not Available
Vendor-inohomInohominohom
Product-home_manager_gatewayHome Manager Gatewayhome_manager_gateway
CWE ID-CWE-1320
Improper Protection for Outbound Error Messages and Alert Signals
CVE-2023-4720
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-4||MEDIUM
EPSS-0.03% / 7.42%
||
7 Day CHG~0.00%
Published-01 Sep, 2023 | 15:27
Updated-19 Sep, 2024 | 15:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Floating Point Comparison with Incorrect Operator in gpac/gpac

Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV.

Action-Not Available
Vendor-GPAC
Product-gpacgpac/gpac
CWE ID-CWE-1077
Floating Point Comparison with Incorrect Operator
CVE-2022-41804
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-7.2||HIGH
EPSS-0.01% / 2.04%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:37
Updated-13 Feb, 2025 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationDebian GNU/LinuxFedora Project
Product-xeon_d-2796texeon_platinum_8480\+xeon_gold_6403nxeon_d-1627_firmwarexeon_d-2738xeon_platinum_8470xeon_platinum_8362xeon_platinum_8444hxeon_gold_5412uxeon_platinum_8454h_firmwarexeon_gold_5433nxeon_gold_6338xeon_d-2777nxxeon_d-1527xeon_gold_6338t_firmwarexeon_d-2766ntxeon_silver_4309yxeon_platinum_8352yxeon_platinum_8380h_firmwarexeon_gold_6414u_firmwarexeon_gold_6434hxeon_gold_6434_firmwarexeon_platinum_8360hl_firmwarexeon_d-1746ter_firmwarexeon_gold_5418y_firmwarexeon_gold_6354_firmwarexeon_d-2163it_firmwarexeon_gold_6433n_firmwarexeon_gold_5416sxeon_gold_6326xeon_d-2776ntxeon_d-1527_firmwarexeon_d-1521_firmwarexeon_d-2798ntxeon_d-1733ntxeon_gold_5317_firmwarexeon_platinum_8480\+_firmwarexeon_d-1557_firmwarexeon_d-2775te_firmwarexeon_d-2766nt_firmwarexeon_gold_6438nxeon_silver_4316xeon_gold_5418nxeon_d-1518xeon_gold_5318y_firmwarexeon_platinum_8468xeon_d-1714xeon_d-2799_firmwarexeon_gold_6434h_firmwarexeon_platinum_8470_firmwarexeon_d-2745nx_firmwarexeon_d-2143itxeon_platinum_8444h_firmwarexeon_gold_6348_firmwarexeon_d-2163itxeon_gold_5318s_firmwarexeon_d-1734nt_firmwarexeon_platinum_8468v_firmwarexeon_d-2161i_firmwarexeon_d-2779_firmwarexeon_d-1567_firmwarexeon_d-1567xeon_d-2777nx_firmwarexeon_platinum_8380hxeon_platinum_8460hxeon_bronze_3408u_firmwarexeon_d-2173it_firmwarexeon_gold_5420\+xeon_platinum_8368q_firmwarexeon_platinum_8376hxeon_d-1746terxeon_gold_6312u_firmwarexeon_gold_6330xeon_platinum_8362_firmwarexeon_silver_4310t_firmwarexeon_d-1531_firmwarexeon_gold_6314uxeon_d-2123it_firmwarexeon_platinum_8490h_firmwarexeon_gold_5416s_firmwarexeon_d-1715terxeon_d-1571xeon_platinum_8468_firmwarexeon_d-1736_firmwarexeon_platinum_8353hxeon_gold_6348hxeon_gold_6338_firmwarexeon_gold_6438y\+xeon_gold_6448h_firmwarexeon_d-2173itxeon_d-2123itxeon_d-2177nt_firmwarexeon_gold_5418n_firmwarexeon_d-1627xeon_d-1533n_firmwarexeon_d-2796ntxeon_platinum_8470qxeon_silver_4309y_firmwarexeon_gold_5320hxeon_platinum_8358p_firmwarexeon_gold_5320xeon_d-2779xeon_platinum_8360yxeon_gold_6330h_firmwarexeon_d-1602xeon_gold_6443nxeon_d-1712trxeon_d-1539xeon_platinum_8461vxeon_d-2796te_firmwarefedoraxeon_gold_6338txeon_gold_6448y_firmwarexeon_d-1713ntexeon_d-2752ter_firmwarexeon_gold_5318sxeon_d-2733nt_firmwarexeon_d-1649n_firmwarexeon_gold_6414uxeon_d-2146ntxeon_d-1577_firmwarexeon_platinum_8356h_firmwarexeon_d-2145nt_firmwarexeon_platinum_8450h_firmwarexeon_d-1726_firmwarexeon_d-2187ntxeon_d-1732texeon_gold_6448yxeon_d-2712txeon_d-1537_firmwarexeon_d-1541_firmwarexeon_platinum_8380hlxeon_gold_5318nxeon_platinum_8358pxeon_d-2166nt_firmwarexeon_d-2166ntxeon_d-2776nt_firmwarexeon_d-1732te_firmwarexeon_gold_5433n_firmwarexeon_d-2712t_firmwarexeon_gold_6328h_firmwarexeon_d-1623n_firmwarexeon_gold_6426yxeon_d-1548_firmwarexeon_gold_6328hl_firmwarexeon_d-1713nte_firmwarexeon_gold_6418hxeon_gold_6342_firmwarexeon_gold_5317xeon_platinum_8352m_firmwarexeon_platinum_8358_firmwarexeon_d-2183itxeon_d-1622xeon_d-1559_firmwarexeon_gold_6348h_firmwarexeon_platinum_8356hxeon_gold_6418h_firmwarexeon_platinum_8450hxeon_gold_6433nexeon_d-2145ntxeon_platinum_8360y_firmwarexeon_d-1529_firmwarexeon_d-1540_firmwarexeon_gold_5318h_firmwarexeon_d-1637_firmwarexeon_gold_6443n_firmwarexeon_gold_6416hxeon_d-1733nt_firmwarexeon_d-2733ntxeon_gold_5320txeon_gold_6430_firmwarexeon_gold_6458q_firmwarexeon_gold_6312uxeon_gold_5320h_firmwarexeon_d-2142it_firmwarexeon_d-2143it_firmwarexeon_d-1736xeon_gold_6428n_firmwarexeon_d-1735trxeon_d-1513n_firmwarexeon_d-2795nt_firmwarexeon_silver_4410txeon_d-2752ntexeon_d-1523n_firmwarexeon_silver_4314xeon_gold_5318n_firmwarexeon_platinum_8352y_firmwarexeon_d-2753nt_firmwarexeon_platinum_8471nxeon_platinum_8358xeon_gold_5420\+_firmwarexeon_gold_5315yxeon_gold_5411n_firmwarexeon_gold_6430xeon_platinum_8352s_firmwarexeon_platinum_8452y_firmwarexeon_platinum_8354hxeon_silver_4416\+xeon_gold_6438mxeon_silver_4310_firmwarexeon_gold_6423nxeon_gold_6421n_firmwarexeon_platinum_8462y\+xeon_gold_6338n_firmwarexeon_platinum_8470q_firmwarexeon_d-1718txeon_gold_6416h_firmwarexeon_gold_6326_firmwarexeon_platinum_8351n_firmwarexeon_d-1523nxeon_d-2786nte_firmwarexeon_d-2786ntexeon_gold_6434xeon_d-1540xeon_platinum_8368xeon_d-1653nxeon_gold_5415\+_firmwarexeon_platinum_8471n_firmwarexeon_d-1528xeon_platinum_8454hxeon_d-1637xeon_d-1577xeon_silver_4310txeon_d-1715ter_firmwarexeon_platinum_8380xeon_d-2141ixeon_gold_6442yxeon_d-1541xeon_gold_6314u_firmwaredebian_linuxxeon_platinum_8458p_firmwarexeon_gold_6438y\+_firmwarexeon_d-1543n_firmwarexeon_platinum_8351nxeon_platinum_8376hl_firmwarexeon_d-1633n_firmwarexeon_gold_6330n_firmwarexeon_platinum_8458pxeon_platinum_8352vxeon_gold_6336yxeon_d-1722ne_firmwarexeon_platinum_8470n_firmwarexeon_d-1747ntexeon_gold_5423nxeon_d-2757nx_firmwarexeon_platinum_8460y\+_firmwarexeon_d-1653n_firmwarexeon_gold_6421nxeon_d-1734ntxeon_gold_6433ne_firmwarexeon_d-1735tr_firmwarexeon_platinum_8468h_firmwarexeon_d-1747nte_firmwarexeon_gold_5415\+xeon_d-1553nxeon_gold_6448hxeon_d-1571_firmwarexeon_d-1633nxeon_platinum_8360hlxeon_d-1548xeon_platinum_8380_firmwarexeon_d-1649nxeon_d-1529xeon_platinum_8470nxeon_gold_6330_firmwarexeon_gold_6454s_firmwarexeon_silver_4416\+_firmwarexeon_silver_4410t_firmwarexeon_d-1518_firmwarexeon_platinum_8462y\+_firmwarexeon_gold_5320_firmwarexeon_d-2738_firmwarexeon_platinum_8380hl_firmwarexeon_platinum_8360h_firmwarexeon_d-2757nxxeon_d-1713ntxeon_gold_6438m_firmwarexeon_gold_6354xeon_gold_6336y_firmwarexeon_d-1520xeon_gold_5423n_firmwarexeon_platinum_8490hxeon_d-2752terxeon_platinum_8354h_firmwarexeon_platinum_8352mxeon_d-2799xeon_gold_6444y_firmwarexeon_d-2146nt_firmwarexeon_d-2795ntxeon_platinum_8468hxeon_gold_6330hxeon_d-1739_firmwarexeon_d-1736ntxeon_gold_6428nxeon_gold_5318hxeon_d-1713nt_firmwarexeon_d-1520_firmwarexeon_platinum_8376hlxeon_silver_4316_firmwarexeon_d-2798nt_firmwarexeon_d-1623nxeon_d-1531xeon_d-1533nxeon_silver_4410y_firmwarexeon_d-1722nexeon_gold_6346xeon_d-2142itxeon_gold_6423n_firmwarexeon_d-1718t_firmwarexeon_silver_4410yxeon_platinum_8461v_firmwarexeon_d-1622_firmwarexeon_gold_6338nxeon_d-2796nt_firmwarexeon_platinum_8360hxeon_gold_5315y_firmwarexeon_d-1702_firmwarexeon_d-1749nt_firmwarexeon_d-2161ixeon_d-2141i_firmwarexeon_platinum_8460y\+xeon_gold_5418yxeon_gold_6348xeon_gold_6330nxeon_gold_6403n_firmwarexeon_gold_6442y_firmwarexeon_platinum_8368_firmwarexeon_gold_6454sxeon_d-2798nxxeon_platinum_8352v_firmwarexeon_d-2745nxxeon_platinum_8368qxeon_gold_5412u_firmwarexeon_gold_5320t_firmwarexeon_d-1748texeon_silver_4310xeon_gold_6433nxeon_silver_4314_firmwarexeon_d-1513nxeon_d-1537xeon_gold_6334xeon_d-2187nt_firmwarexeon_d-2752nte_firmwarexeon_d-1739xeon_d-1543nxeon_d-1528_firmwarexeon_d-1539_firmwarexeon_gold_5411nxeon_d-1559xeon_bronze_3408uxeon_d-1702xeon_d-1521xeon_gold_6444yxeon_gold_6342xeon_gold_6438n_firmwarexeon_gold_6426y_firmwarexeon_d-1748te_firmwarexeon_d-1749ntxeon_platinum_8353h_firmwarexeon_platinum_8376h_firmwarexeon_d-1712tr_firmwarexeon_d-2798nx_firmwarexeon_platinum_8352sxeon_platinum_8468vxeon_gold_6346_firmwarexeon_gold_5318yxeon_gold_6458qxeon_gold_6328hxeon_d-2183it_firmwarexeon_d-2753ntxeon_d-1557xeon_platinum_8452yxeon_gold_6334_firmwarexeon_d-2775texeon_d-1714_firmwarexeon_d-1736nt_firmwarexeon_platinum_8460h_firmwarexeon_d-1602_firmwarexeon_gold_6328hlxeon_d-1726xeon_d-2177ntxeon_d-1553n_firmwareIntel(R) Xeon(R) Processors
CWE ID-CWE-1334
Unauthorized Error Injection Can Degrade Hardware Redundancy
CVE-2023-32627
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.06% / 20.16%
||
7 Day CHG~0.00%
Published-10 Jul, 2023 | 17:15
Updated-27 Jun, 2025 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Floating point exception in src/voc.c

A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.

Action-Not Available
Vendor-n/aFedora ProjectRed Hat, Inc.SoX - Sound eXchange
Product-fedorasound_exchangeenterprise_linuxextra_packages_for_enterprise_linuxsoxRed Hat Enterprise Linux 6Extra Packages for Enterprise LinuxRed Hat Enterprise Linux 7Fedora
CWE ID-CWE-1077
Floating Point Comparison with Incorrect Operator
CWE ID-CWE-697
Incorrect Comparison
CVE-2023-26590
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.03% / 8.49%
||
7 Day CHG~0.00%
Published-10 Jul, 2023 | 17:14
Updated-27 Jun, 2025 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Floating point exception in src/aiff.c

A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.

Action-Not Available
Vendor-n/aFedora ProjectRed Hat, Inc.SoX - Sound eXchange
Product-fedorasound_exchangeenterprise_linuxextra_packages_for_enterprise_linuxExtra Packages for Enterprise LinuxsoxRed Hat Enterprise Linux 6Red Hat Enterprise Linux 7Fedora
CWE ID-CWE-1077
Floating Point Comparison with Incorrect Operator
CWE ID-CWE-697
Incorrect Comparison
CVE-2023-1014
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-7.5||HIGH
EPSS-0.08% / 24.68%
||
7 Day CHG~0.00%
Published-30 Mar, 2023 | 08:17
Updated-11 Feb, 2025 | 20:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Information disclosure in Vira-Investing

Improper Protection for Outbound Error Messages and Alert Signals vulnerability in Virames Vira-Investing allows Account Footprinting.This issue affects Vira-Investing: before 1.0.84.86.

Action-Not Available
Vendor-dizaynVirames
Product-vira-investingVira-Investing
CWE ID-CWE-1320
Improper Protection for Outbound Error Messages and Alert Signals
CVE-2023-0839
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-9.8||CRITICAL
EPSS-0.08% / 24.77%
||
7 Day CHG~0.00%
Published-06 Mar, 2023 | 07:07
Updated-15 Oct, 2024 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Error Handling in inSCADA

Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ProMIS Process Co. InSCADA allows Account Footprinting.This issue affects inSCADA: before 20230115-1.

Action-Not Available
Vendor-inscada_projectProMIS Process Co.
Product-inscadainSCADA
CWE ID-CWE-1320
Improper Protection for Outbound Error Messages and Alert Signals
CVE-2022-4293
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-6.8||MEDIUM
EPSS-0.13% / 33.69%
||
7 Day CHG~0.00%
Published-05 Dec, 2022 | 00:00
Updated-14 Apr, 2025 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Floating Point Comparison with Incorrect Operator in vim/vim

Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.

Action-Not Available
Vendor-Vim
Product-vimvim/vim
CWE ID-CWE-1077
Floating Point Comparison with Incorrect Operator
CWE ID-CWE-697
Incorrect Comparison
CVE-2022-3270
Assigner-CERT@VDE
ShareView Details
Assigner-CERT@VDE
CVSS Score-9.8||CRITICAL
EPSS-0.37% / 57.97%
||
7 Day CHG+0.07%
Published-01 Dec, 2022 | 10:27
Updated-24 Apr, 2025 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incomplete Documentation of remote functions in FESTO products.

In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented protocol which could lead to a complete loss of confidentiality, integrity and availability.

Action-Not Available
Vendor-festoFesto SE
Product-ethernet\/ip_interface_cpx-ap-i-ep-m12_firmwareservo_cmmt-as-c2-3a-ep-s1compact_vision_system_sboc-m_firmwarebus_node_cpx-m-fb34_firmwareservo_cmmt-as-c2-11a-p3-ep-s1_firmwarecamera_system_chb-c-n_firmwareoperator_unit_cdpx-x-a-w-13servo_cmmt-as-c12-11a-p3-mp-s1_firmwaremotor_controller_cmmp-as-c5-3a-m0_firmwarebus_node_cpx-fb32servo_cmmt-as-c12-11a-p3-ec-s1_firmwarecontroller_cecc-x-m1-ys-l2motor_controller_cmmp-as-c10-11a-p3-m0servo_cmmt-as-c12-11a-p3-mp-s1operator_unit_cdpx-x-a-s-10_firmwareservo_cmmt-as-c3-11a-p3-mp-s1_firmwareplanar_surface_gantry_excm-40_firmwarebus_node_cteu-pnbus_node_cpx-m-fb44controller_cecc-x-m1-y-yjkp_firmwareplanar_surface_gantry_excm-30motor_controller_cmmp-as-c5-3a-m0bus_node_cteu-pn_firmwareservo_cmmt-as-c2-3a-mp-s1_firmwarebus_node_cpx-fb40bus_node_cpx-m-fb35control_block_cpx-cec-m1-v3_firmwarecompact_vision_system_sboc-q_firmwaremotor_controller_cmmo-st-c5-1-lkpmotor_controller_cmmp-as-c5-3a-m3_firmwarecontroller_cecc-x-m1-ys-l1_firmwarecompact_vision_system_sboi-m_firmwareservo_cmmt-as-c5-11a-p3-ec-s1servo_cmmt-as-c5-11a-p3-pn-s1_firmwarecompact_vision_system_sboi-c_firmwarecompact_vision_system_sboi-q_firmwareservo_cmmt-as-c3-11a-p3-ep-s1controller_cecc-d-ba_firmwarecontroller_cecc-sservo_drive_cmmt-st-c8-1c-pn-s0servo_cmmt-as-c7-11a-p3-ec-s1_firmwarecontroller_cecc-lk_firmwarebus_node_cpx-m-fb45_firmwarecompact_vision_system_sboi-ccontrol_block_cpx-fec-1-ieservo_cmmt-as-c4-3a-ep-s1_firmwareservo_cmmt-as-c3-11a-p3-ep-s1_firmwareservo_cmmt-as-c7-11a-p3-pn-s1servo_cmmt-as-c5-11a-p3-ec-s1_firmwareintegrated_drive_emca-ec-67-m-1te-epservo_cmmt-as-c2-11a-p3-ec-s1_firmwareservo_cmmt-as-c3-11a-p3-pn-s1_firmwarecontrol_block_cpx-fec-1-ie_firmwareservo_cmmt-as-c12-11a-p3-pn-s1bus_node_cpx-fb36gateway_cpx-iotcontrol_block_cpx-cec-s1-v3_firmwaremotor_controller_cmmo-st-c5-1-dion_firmwareoperator_unit_cdpx-x-a-w-4motor_controller_cmmp-as-c5-11a-p3-m3_firmwareservo_cmmt-as-c2-11a-p3-pn-s1_firmwarebus_node_cpx-fb39_firmwareservo_cmmt-as-c4-3a-mp-s1ethernet\/ip_interface_cpx-ap-i-pn-m12_firmwareoperator_unit_cdpx-x-a-w-4_firmwarebus_node_cpx-fb43_firmwarecompact_vision_system_sboc-mcontroller_cmxh-st2-c5-7-diop_firmwarebus_node_cpx-fb40_firmwarebus_node_cpx-m-fb34bus_node_cpx-m-fb44_firmwarecontroller_cecc-x-m1_firmwareethernet\/ip_interface_cpx-ap-i-ep-m12controller_cecc-dservo_drive_cmmt-st-c8-1c-ep-s0servo_cmmt-as-c2-3a-ec-s1motor_controller_cmmp-as-c15-11a-p3-m3controller_cecc-x-m1-mv-s1_firmwareservo_drive_cmmt-st-c8-1c-pn-s0_firmwaremotor_controller_cmmp-as-c5-11a-p3-m0servo_cmmt-as-c2-3a-pn-s1servo_cmmt-as-c7-11a-p3-ec-s1control_block_cpx-cmxx_firmwarececx-x-c1_modular_master_controllerbus_node_cteu-epbus_node_cteu-pn-ex1c_firmwarececx-x-m1_modular_controller_firmwarecontroller_cecc-lkgateway_cpx-iot_firmwareplanar_surface_gantry_excm-40vtem-s1-c_firmwarecompact_vision_system_sboc-c_firmwareservo_cmmt-as-c4-3a-pn-s1_firmwarecontroller_cecc-x-m1-y-yjkpcontrol_block_cpx-cecbus_node_cpx-fb43control_block_cpx-cec_firmwareservo_cmmt-as-c7-11a-p3-ep-s1_firmwaremotor_controller_cmmp-as-c10-11a-p3-m3_firmwarececx-x-m1_modular_controlleroperator_unit_cdpx-x-a-s-10controller_cecc-s_firmwareservo_cmmt-as-c4-3a-ep-s1operator_unit_cdpx-x-a-w-13_firmwareservo_cmmt-as-c7-11a-p3-mp-s1servo_cmmt-as-c2-11a-p3-mp-s1controller_cmxh-st2-c5-7-diopmotor_controller_cmmo-st-c5-1-dionservo_cmmt-as-c7-11a-p3-mp-s1_firmwarecontrol_block_cpx-cec-s1-v3bus_node_cpx-fb36_firmwarecontroller_cecc-x-m1-ys-l1servo_cmmt-as-c2-3a-mp-s1servo_cmmt-as-c5-11a-p3-ep-s1_firmwareservo_cmmt-as-c12-11a-p3-ec-s1operator_unit_cdpx-x-a-w-7_firmwaremotor_controller_cmmo-st-c5-1-lkp_firmwaremotor_controller_cmmp-as-c2-3a-m0servo_cmmt-as-c5-11a-p3-ep-s1servo_cmmt-as-c4-3a-pn-s1servo_cmmt-as-c2-11a-p3-mp-s1_firmwarecontrol_block_cpx-cec-m1_firmwareintegrated_drive_emca-ec-67_firmwarecontrol_block_cpx-cec-c1-v3controller_cecc-x-m1-mv_firmwaremotor_controller_cmmp-as-c5-3a-m3bus_module_cpx-e-ep_firmwaremotor_controller_cmmp-as-c10-11a-p3-m3servo_cmmt-as-c7-11a-p3-ep-s1control_block_cpx-cmxxservo_cmmt-as-c2-3a-ep-s1_firmwarebus_node_cteu-ep_firmwarecompact_vision_system_sboc-ccontroller_cecc-x-m1-ys-l2_firmwaremotor_controller_cmmp-as-c10-11a-p3-m0_firmwarevtem-s1-27servo_cmmt-as-c3-11a-p3-mp-s1servo_cmmt-as-c4-3a-ec-s1_firmwaremotor_controller_cmmp-as-c5-11a-p3-m0_firmwarebus_node_cpx-m-fb45camera_system_chb-c-ncontrol_block_cpx-cec-c1-v3_firmwareservo_cmmt-as-c3-11a-p3-ec-s1_firmwaremotor_controller_cmmp-as-c5-11a-p3-m3bus_node_cteu-pn-ex1ccontrol_block_cpx-cec-c1_firmwarecontroller_sbrd-qbus_node_cpx-fb32_firmwareservo_cmmt-as-c2-11a-p3-ec-s1control_block_cpx-cec-c1controller_cecc-x-m1-mv-s1servo_cmmt-as-c3-11a-p3-pn-s1cecx-x-c1_modular_master_controller_firmwarecontroller_cecc-x-m1bus_module_cpx-e-epbus_node_cpx-fb33_firmwaremotor_controller_cmmp-as-c2-3a-m3_firmwareservo_drive_cmmt-st-c8-1c-ep-s0_firmwareintegrated_drive_emca-ec-67servo_cmmt-as-c5-11a-p3-mp-s1_firmwarebus_node_cpx-fb37_firmwaremotor_controller_cmmo-st-c5-1-diop_firmwareservo_cmmt-as-c3-11a-p3-ec-s1vtem-s1-coperator_unit_cdpx-x-a-w-7compact_vision_system_sboc-qservo_cmmt-as-c12-11a-p3-pn-s1_firmwarecontroller_sbrd-q_firmwarecontrol_block_cpx-cec-m1-v3servo_cmmt-as-c4-3a-mp-s1_firmwareintegrated_drive_emca-ec-67-m-1te-ep_firmwareservo_cmmt-as-c5-11a-p3-pn-s1controller_cecc-x-m1-mvcompact_vision_system_sboi-qethernet\/ip_interface_cpx-ap-i-pn-m12motor_controller_cmmp-as-c2-3a-m3bus_node_cpx-fb37servo_cmmt-as-c2-3a-ec-s1_firmwarecontroller_cecc-d_firmwaremotor_controller_cmmo-st-c5-1-diopbus_node_cpx-fb39servo_cmmt-as-c2-11a-p3-ep-s1servo_cmmt-as-c12-11a-p3-ep-s1_firmwarebus_node_cpx-m-fb35_firmwaremotor_controller_cmmp-as-c2-3a-m0_firmwareservo_cmmt-as-c7-11a-p3-pn-s1_firmwarecompact_vision_system_sboi-mservo_cmmt-as-c5-11a-p3-mp-s1bus_node_cpx-fb33planar_surface_gantry_excm-30_firmwareservo_cmmt-as-c2-11a-p3-pn-s1motor_controller_cmmp-as-c15-11a-p3-m3_firmwareservo_cmmt-as-c12-11a-p3-ep-s1servo_cmmt-as-c2-3a-pn-s1_firmwarevtem-s1-27_firmwarecontroller_cecc-d-bacontrol_block_cpx-cec-m1servo_cmmt-as-c4-3a-ec-s1Bus node CPX-M-FB45Bus node CPX-M-FB44Control block CPX-CEC-S1-V3Servo drive CMMT-ST-C8-1C-EP-S0Integrated drive EMCA-EC-67-*Bus node CPX-FB32Controller CECC-SController CPX-E-CEC-*Control block CPX-CEC-M1Bus node CPX-FB33Camera system CHB-C-NBus node CTEU-PNBus node CTEU-PN-EX1CController CMXH-ST2-C5-7-DIOPEtherNet/IP interface CPX-AP-I-PN-M12Bus module CPX-E-PNMotor controller CMMO-ST-C5-1-LKPControl block CPX-FEC-1-IEControl block CPX-CMXXOperator unit CDPX-X-A-S-10Controller CECX-X-C1Operator unit CDPX-X-A-W-13Operator unit CDPX-X-A-W-4Motor controller CMMT-AS-*Control block CPX-CEC-C1-V3Bus node CPX-FB36Bus node CPX-M-FB34EtherNet/IP interface CPX-AP-I-EP-M12Operator unit CDPX-X-A-W-7Bus node CPX-FB43Compact Vision System SBO*-Q-*Control block CPX-CEC-M1-V3Controller CECC-LKController SBRD-QMotor controller CMMO-ST-C5-1-DIOPBus node CPX-M-FB35Controller CECC-D-BAController CECX-X-M1Motor controller CMMO-ST-C5-1-DIONGateway CPX-IOTVTEM-S1-*Controller CECC-DBus node CTEU-EPControl block CPX-CEC-C1Planar surface gantry EXCM-*Control block CPX-CECCompact Vision System SBO*-C-*Compact Vision System SBO*-M-*Bus module CPX-E-EPController CECC-X-*Servo drive CMMT-ST-C8-1C-PN-S0Motor controller CMMP-AS-*Bus node CPX-FB40Bus node CPX-FB37Bus node CPX-FB39
CWE ID-CWE-1059
Insufficient Technical Documentation
CVE-2022-2319
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.58%
||
7 Day CHG~0.00%
Published-01 Sep, 2022 | 00:00
Updated-03 Aug, 2024 | 00:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length.

Action-Not Available
Vendor-n/aX.Org Foundation
Product-xorg-serverxorg-x11-server
CWE ID-CWE-1320
Improper Protection for Outbound Error Messages and Alert Signals
CVE-2022-2493
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-8.3||HIGH
EPSS-0.45% / 62.74%
||
7 Day CHG~0.00%
Published-22 Jul, 2022 | 03:47
Updated-03 Aug, 2024 | 00:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Data Access from Outside Expected Data Manager Component in openemr/openemr

Data Access from Outside Expected Data Manager Component in GitHub repository openemr/openemr prior to 7.0.0.

Action-Not Available
Vendor-OpenEMR Foundation, Inc
Product-openemropenemr/openemr
CWE ID-CWE-1083
Data Access from Outside Expected Data Manager Component
CVE-2021-28216
Assigner-TianoCore.org
ShareView Details
Assigner-TianoCore.org
CVSS Score-7.8||HIGH
EPSS-0.16% / 37.08%
||
7 Day CHG~0.00%
Published-05 Aug, 2021 | 20:44
Updated-03 Aug, 2024 | 21:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.

Action-Not Available
Vendor-tianocoreTianoCore
Product-edk_iiEDK II
CWE ID-CWE-587
Assignment of a Fixed Address to a Pointer
CWE ID-CWE-763
Release of Invalid Pointer or Reference
CVE-2020-13927
Assigner-Apache Software Foundation
ShareView Details
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-94.24% / 99.92%
||
7 Day CHG~0.00%
Published-10 Nov, 2020 | 00:00
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-07-18||Apply updates per vendor instructions.

The previous default setting for Airflow's Experimental API was to allow all API requests without authentication, but this poses security risks to users who miss this fact. From Airflow 1.10.11 the default has been changed to deny all requests by default and is documented at https://airflow.apache.org/docs/1.10.11/security.html#api-authentication. Note this change fixes it for new installs but existing users need to change their config to default `[api]auth_backend = airflow.api.auth.backend.deny_all` as mentioned in the Updating Guide: https://github.com/apache/airflow/blob/1.10.11/UPDATING.md#experimental-api-will-deny-all-request-by-default

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-airflowApache AirflowairflowAirflow's Experimental API
CWE ID-CWE-1056
Invokable Control Element with Variadic Parameters
CWE ID-CWE-1188
Initialization of a Resource with an Insecure Default
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-14483
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-4.3||MEDIUM
EPSS-0.11% / 30.71%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 14:41
Updated-04 Aug, 2024 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A timeout during a TLS handshake can result in the connection failing to terminate. This can result in a Niagara thread hanging and requires a manual restart of Niagara (Versions 4.6.96.28, 4.7.109.20, 4.7.110.32, 4.8.0.110) and Niagara Enterprise Security (Versions 2.4.31, 2.4.45, 4.8.0.35) to correct.

Action-Not Available
Vendor-tridiumn/a
Product-niagaraniagara_enterprise_securityNiagara
CWE ID-CWE-1088
Synchronous Access of Remote Resource without Timeout