Total
44 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-3010 | 1 Priva | 1 Top Control Suite | 2024-11-21 | N/A | 7.5 HIGH |
| The Priva TopControl Suite contains predictable credentials for the SSH service, based on the Serial number. Which makes it possible for an attacker to calculate the login credentials for the Priva TopControll suite. | |||||
| CVE-2024-43698 | 2024-10-23 | N/A | 9.8 CRITICAL | ||
| Kieback & Peter's DDC4000 series uses weak credentials, which may allow an unauthenticated attacker to get full admin rights on the system. | |||||
| CVE-2024-42027 | 2024-10-07 | N/A | 6.7 MEDIUM | ||
| The E2EE password entropy generated by Rocket.Chat Mobile prior to version 4.5.1 is insufficient, allowing attackers to crack it if they have the appropriate time and resources. | |||||
| CVE-2024-40892 | 2024-08-21 | N/A | 7.1 HIGH | ||
| A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy (BTLE) interface. Once an attacker gains access to the LAN, they could log into the SSH interface using the provisioned credentials. The license UUID can be acquired through plain-text Bluetooth sniffing, reading the QR code on the bottom of the device, or brute-forcing the UUID (though this is less likely). | |||||