CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-32758 – exacqVision - Key exchanges
https://notcve.org/view.php?id=CVE-2024-32758
01 Aug 2024 — Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange • https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-01 • CWE-326: Inadequate Encryption Strength •
CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0CVE-2024-32753 – TYCO Illustra Pro Gen 4 - JQuery version
https://notcve.org/view.php?id=CVE-2024-32753
11 Jul 2024 — Under certain circumstances the camera may be susceptible to known vulnerabilities associated with the JQuery versions prior to 3.5.0 third-party component • https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-03 • CWE-1395: Dependency on Vulnerable Third-Party Component •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32932 – American Dynamics Illustra Essentials Gen 4 - Reversible User Credential - stored web interface
https://notcve.org/view.php?id=CVE-2024-32932
02 Jul 2024 — Under certain circumstances the web interface users credentials may be recovered by an authenticated user. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-07 • CWE-257: Storing Passwords in a Recoverable Format •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32757 – American Dynamics Illustra Essentials Gen 4 - Linux Credential Leak
https://notcve.org/view.php?id=CVE-2024-32757
02 Jul 2024 — Under certain circumstances unnecessary user details are provided within system logs • https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-06 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32756 – American Dynamics Illustra Essentials Gen 4 - Reversible User Credential - Linux
https://notcve.org/view.php?id=CVE-2024-32756
02 Jul 2024 — Under certain circumstances the Linux users credentials may be recovered by an authenticated user. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-05 • CWE-257: Storing Passwords in a Recoverable Format •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32755 – American Dynamics Illustra Essentials Gen 4 - Log Filter Input Validation
https://notcve.org/view.php?id=CVE-2024-32755
02 Jul 2024 — Under certain circumstances the web interface will accept characters unrelated to the expected input. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-04 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-32752 – Johnson Controls Software House iStar Pro Door Controller
https://notcve.org/view.php?id=CVE-2024-32752
06 Jun 2024 — Under certain circumstances communications between the ICU tool and an iSTAR Pro door controller is susceptible to Machine-in-the-Middle attacks which could impact door control and configuration. En determinadas circunstancias, las comunicaciones entre la herramienta ICU y un controlador de puerta iSTAR Pro son susceptibles a ataques Machine-in-the-Middle que podrían afectar el control y la configuración de la puerta. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-158-04 • CWE-306: Missing Authentication for Critical Function •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0912 – CCURE passwords exposed to administrators
https://notcve.org/view.php?id=CVE-2024-0912
05 Jun 2024 — Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior versions En determinadas circunstancias, Microsoft® Internet Information Server (IIS) utilizado para alojar el servidor web C•CURE 9000 registrará los detalles de las credenciales de Microsoft Windows en los registros. No hay ningún impacto en las interfaces de serv... • https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-03 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-0242 – Unauthorized access to settings in Qolsys IQ Panel 4 and IQ4 Hub
https://notcve.org/view.php?id=CVE-2024-0242
08 Feb 2024 — Under certain circumstances IQ Panel4 and IQ4 Hub panel software prior to version 4.4.2 could allow unauthorized access to settings. En determinadas circunstancias, el software del panel IQ Panel4 e IQ4 Hub anterior a la versión 4.4.2 podría permitir el acceso no autorizado a la configuración. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-039-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0248 – Kantech Gen1 ioSmart card reader
https://notcve.org/view.php?id=CVE-2023-0248
14 Dec 2023 — An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version prior to 1.07.02 in certain circumstances can recover the reader's communication memory between the card and reader. Un atacante con acceso físico al lector de tarjetas Kantech Gen1 ioSmart con versión de firmware anterior a 1.7.2 en determinadas circunstancias puede recuperar la memoria de comunicación del lector entre la tarjeta y el lector. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-02 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-401: Missing Release of Memory after Effective Lifetime •