Vulnerabilities (CVE)

Filtered by CWE-294
Total 140 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-43099 2024-09-14 N/A 8.8 HIGH
The session hijacking attack targets the application layer's control mechanism, which manages authenticated sessions between a host PC and a PLC. During such sessions, a session key is utilized to maintain security. However, if an attacker captures this session key, they can inject traffic into an ongoing authenticated session. To successfully achieve this, the attacker also needs to spoof both the IP address and MAC address of the originating host, which is typical of a session-based attack.
CVE-2023-0036 1 Openatom 1 Openharmony 2024-09-09 N/A 7.8 HIGH
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack". Local attackers can bypass authentication and attack other SAs with high privilege.
CVE-2023-0035 1 Openatom 1 Openharmony 2024-09-09 N/A 7.8 HIGH
softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack". Local attackers can bypass authentication and attack other SAs with high privilege.
CVE-2024-8260 2024-09-03 N/A 6.1 MEDIUM
An SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s functions.
CVE-2024-38438 1 Dlink 2 Dsl-225, Dsl-225 Firmware 2024-08-29 N/A 9.8 CRITICAL
D-Link - CWE-294: Authentication Bypass by Capture-replay
CVE-2024-3982 1 Hitachienergy 1 Microscada X Sys600 2024-08-28 N/A 8.2 HIGH
An attacker with local access to the machine where MicroSCADA X SYS600 is installed could enable the session logging supporting the product and try to exploit a session hijacking of an already established session. By default, the session logging level is not enabled and only users with administrator rights can enable it.
CVE-2023-23397 1 Microsoft 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more 2024-08-14 N/A 9.8 CRITICAL
Microsoft Outlook Elevation of Privilege Vulnerability
CVE-2024-38890 2024-08-07 N/A 8.4 HIGH
An issue in Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 and possibly later versions allows a local attacker to perform an Authentication Bypass by Capture-replay attack due to insufficient protection against capture-replay attacks.
CVE-2020-24722 1 Exposure Notifications Project 1 Exposure Notifications 2024-08-04 2.6 LOW 5.9 MEDIUM
An issue was discovered in the GAEN (aka Google/Apple Exposure Notifications) protocol through 2020-10-05, as used in COVID-19 applications on Android and iOS. The encrypted metadata block with a TX value lacks a checksum, allowing bitflipping to amplify a contamination attack. This can cause metadata deanonymization and risk-score inflation. NOTE: the vendor's position is "We do not believe that TX power authentication would be a useful defense against relay attacks."
CVE-2023-33281 1 Nissan 2 Sylphy Classic 2021, Sylphy Classic 2021 Firmware 2024-08-02 N/A 6.5 MEDIUM
The remote keyfob system on Nissan Sylphy Classic 2021 sends the same RF signal for each door-open request, which allows for a replay attack. NOTE: the vendor's position is that this cannot be reproduced with genuine Nissan parts: for example, the combination of keyfob and door handle shown in the exploit demonstration does not match any technology that Nissan provides to customers.
CVE-2024-37016 2024-08-01 N/A 6.8 MEDIUM
Mengshen Wireless Door Alarm M70 2024-05-24 allows Authentication Bypass via a Capture-Replay approach.
CVE-2024-5249 2024-07-31 N/A 5.4 MEDIUM
In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed.
CVE-2024-38272 2024-07-29 N/A N/A
There exists a vulnerability in Quick Share/Nearby, where an attacker can bypass the accept file dialog on Quick Share Windows. Normally, in the Quick Share Windows app, we can't send a file without the user accepting on the receiving device if the visibility is set to everyone mode or contacts mode. We recommend upgrading to version 1.0.1724.0 of Quick Share or above.
CVE-2024-29850 2024-07-03 N/A 8.8 HIGH
Veeam Backup Enterprise Manager allows account takeover via NTLM relay.
CVE-2023-47435 2024-07-03 N/A 9.8 CRITICAL
An issue in the verifyPassword function of hexo-theme-matery v2.0.0 allows attackers to bypass authentication and access password protected pages.
CVE-2024-4009 1 Abb 10 2tma310010b0001, 2tma310010b0001 Firmware, 2tma310010b0003 and 7 more 2024-06-18 N/A 7.8 HIGH
Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows an attacker to capture/replay KNX telegram to local KNX Bus-System.
CVE-2024-34065 2024-06-13 N/A 7.1 HIGH
Strapi is an open-source content management system. By combining two vulnerabilities (an `Open Redirect` and `session token sent as URL query parameter`) in @strapi/plugin-users-permissions before version 4.24.2, it is possible for an unauthenticated attacker to bypass authentication mechanisms and retrieve the 3rd party tokens. The attack requires user interaction (one click). Unauthenticated attackers can leverage two vulnerabilities to obtain a 3rd party token and then bypass authentication of Strapi apps. Users should upgrade @strapi/plugin-users-permissions to version 4.24.2 to receive a patch.
CVE-2024-38284 2024-06-13 N/A N/A
Transmitted data is logged between the device and the backend service. An attacker could use these logs to perform a replay attack to replicate calls.
CVE-2024-29901 2024-04-01 N/A 4.8 MEDIUM
The AuthKit library for Next.js provides helpers for authentication and session management using WorkOS & AuthKit with Next.js. A user can reuse an expired session by controlling the `x-workos-session` header. The vulnerability is patched in v0.4.2.
CVE-2023-46892 1 Meross 2 Msh30q, Msh30q Firmware 2024-02-28 N/A 8.8 HIGH
The radio frequency communication protocol being used by Meross MSH30Q 4.5.23 is vulnerable to replay attacks, allowing attackers to record and replay previously captured communication to execute unauthorized commands or actions (e.g., thermostat's temperature).