CVE & Exploit Intelligence Database

CVE-2024-36250 3.1 LOW EPSS 0.00

Mattermost versions 9.11.x <= 9.11.2, and 9.5.x <= 9.5.10 fail to protect the mfa code against replay attacks, which allows an attacker to reuse the MFA code within ~30 seconds

CWE-294 Nov 09, 2024

CVE-2024-40715 7.7 HIGH EPSS 0.00

A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle (MITM) attack to exploit this vulnerability.

CWE-294 Nov 07, 2024

CVE-2024-22066 7.5 HIGH EPSS 0.00

There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use the vulnerability to obtain sensitive information about the device.

CWE-294 Oct 29, 2024

CVE-2024-46041 8.8 HIGH EPSS 0.00

IoT Haat Smart Plug IH-IN-16A-S v5.16.1 is vulnerable to Authentication Bypass by Capture-replay.

CWE-294 Oct 07, 2024

CVE-2024-39081 4.2 MEDIUM 1 PoC Analysis EPSS 0.03

An issue in SMART TYRE CAR & BIKE v4.2.0 allows attackers to perform a man-in-the-middle attack via Bluetooth communications.

CWE-294 Sep 18, 2024

CVE-2024-43099 8.8 HIGH EPSS 0.00

The session hijacking attack targets the application layer's control mechanism, which manages authenticated sessions between a host PC and a PLC. During such sessions, a session key is utilized to maintain security. However, if an attacker captures this session key, they can inject traffic into an ongoing authenticated session. To successfully achieve this, the attacker also needs to spoof both the IP address and MAC address of the originating host which is typical of a session-based attack.

CWE-294 Sep 13, 2024

CVE-2024-8260 6.1 MEDIUM EPSS 0.00

A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s functions.

CWE-294 Aug 30, 2024

CVE-2024-3982 8.2 HIGH EPSS 0.00

An attacker with local access to machine where MicroSCADA X SYS600 is installed, could enable the session logging supporting the product and try to exploit a session hijacking of an already established session. By default, the session logging level is not enabled and only users with administrator rights can enable it.

CWE-294 Aug 27, 2024

CVE-2024-45244 5.3 MEDIUM 2 PoCs Analysis EPSS 0.01

Hyperledger Fabric through 3.0.0 and 2.5.x through 2.5.9 do not verify that a request has a timestamp within the expected time window.

CWE-294 Aug 25, 2024

CVE-2024-38890 8.4 HIGH EPSS 0.00

An issue in Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 and possibly later versions allows a local attacker to perform an Authentication Bypass by Capture-replay attack due to insufficient protection against capture-replay attacks.

CWE-294 Aug 02, 2024

CVE-2024-5249 5.4 MEDIUM EPSS 0.00

In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed.

CWE-294 Jul 30, 2024

CVE-2024-38438 9.8 CRITICAL EPSS 0.00

D-Link - CWE-294: Authentication Bypass by Capture-replay

CWE-294 Jul 21, 2024

CVE-2024-37016 6.8 MEDIUM EPSS 0.00

Mengshen Wireless Door Alarm M70 2024-05-24 allows Authentication Bypass via a Capture-Replay approach.

CWE-294 Jul 15, 2024

CVE-2024-38272 4.3 MEDIUM EPSS 0.00

There exists a vulnerability in Quick Share/Nearby, where an attacker can bypass the accept file dialog on Quick Share Windows. Normally in Quick Share Windows app we can't send a file without the user accept from the receiving device if the visibility is set to everyone mode or contacts mode. We recommend upgrading to version 1.0.1724.0 of Quick Share or above

CWE-294 Jun 26, 2024

CVE-2024-38284 EPSS 0.00

Transmitted data is logged between the device and the backend service. An attacker could use these logs to perform a replay attack to replicate calls.

CWE-294 Jun 13, 2024

CVE-2024-34065 7.1 HIGH EPSS 0.01

Strapi is an open-source content management system. By combining two vulnerabilities (an `Open Redirect` and `session token sent as URL query parameter`) in @strapi/plugin-users-permissions before version 4.24.2, is its possible of an unauthenticated attacker to bypass authentication mechanisms and retrieve the 3rd party tokens. The attack requires user interaction (one click). Unauthenticated attackers can leverage two vulnerabilities to obtain an 3rd party token and the bypass authentication of Strapi apps. Users should upgrade @strapi/plugin-users-permissions to version 4.24.2 to receive a patch.

CWE-601 Jun 12, 2024

CVE-2024-4009 9.2 CRITICAL EPSS 0.00

Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System

CWE-294 Jun 05, 2024

CVE-2024-29851 7.2 HIGH EPSS 0.00

Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account.

CWE-294 May 22, 2024

CVE-2024-29850 8.8 HIGH EPSS 0.01

Veeam Backup Enterprise Manager allows account takeover via NTLM relay.

CWE-294 May 22, 2024

CVE-2023-47435 9.8 CRITICAL EPSS 0.00

An issue in the verifyPassword function of hexo-theme-matery v2.0.0 allows attackers to bypass authentication and access password protected pages.

CWE-294 Apr 19, 2024