Critical
CVSS: 9.6
Home Assistant is open source home automation software that puts local control and privacy first. Home Assistant apps (formerly add-ons) configured with host network mode expose unauthenticated endpoints bound to the internal Docker bridge…
Medium
CVSS: 5.1
IBM Concert 1.0.0 through 2.2.0 could allow a privileged user to perform unauthorized actions due to improper restriction of channel communication to intended endpoints.
Low
CVSS: 0.9
An improper restriction of communication channel to intended endpoints vulnerability has been reported to affect QHora. If an attacker gains physical access, they can then exploit the vulnerability to gain the privileges that were intended…
High
CVSS: 7.5
Improper restriction of communication channel to intended endpoints in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network.
Low
CVSS: 2.4
A vulnerability has been identified in Heliox Flex 180 kW EV Charging Station (All versions < F4.11.1), Heliox Mobile DC 40 kW EV Charging Station (All versions < L4.10.1). Affected devices contain improper access control that could allow a…
Medium
CVSS: 5.9
VMWare Workstation and Fusion contain a logic flaw in the management of network packets.
Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of oth…
High
CVSS: 8.7
An unused function in MicroServer can start a reverse SSH connection to a vendor registered domain, without mutual authentication. An attacker on the local network with admin access to the web server, and the ability to manipulate DNS respo…
Medium
CVSS: 6.2
NVIDIA RunAI for all platforms contains a vulnerability where a user could cause an improper restriction of communications channels on an adjacent network. A successful exploit of this vulnerability might lead to escalation of privileges, d…
Medium
CVSS: 5.3
By manipulating the Signal Level Attenuation Characterization (SLAC)
protocol with spoofed measurements, an attacker can stage a
man-in-the-middle attack between an electric vehicle and chargers that
comply with the ISO 15118-2 part. Thi…
High
CVSS: 7.0
Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally.
Medium
CVSS: 6.7
Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally.
Medium
CVSS: 6.9
Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 L10 to L33 and UpdateNaviInstallService Service 1.2.0091 to 1.2.0125. If a local authenticated attacker send malicious data, an arbitrary re…
Low
CVSS: 3.1
An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to inject unaut…
High
CVSS: 8.8
A vulnerability in the SSH connection handling of Cisco Integrated Management Controller (IMC) for Cisco UCS B-Series, UCS C-Series, UCS S-Series, and UCS X-Series Servers could allow an authenticated, remote attacker to access internal ser…
Medium
CVSS: 4.0
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensi…
High
CVSS: 7.6
CWE-923: Improper Restriction of Communication Channel to Intended Endpoints
Medium
CVSS: 6.9
Quick Agent V3 and Quick Agent V2 contain an issue with improper restriction of communication channel to intended endpoints. If exploited, a remote unauthenticated attacker may attempt to log in to an arbitrary host via Windows system where…
High
CVSS: 7.5
A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15 and before 6.2.16, Fortinet Forti…
High
CVSS: 8.3
Dell Common Event Enabler, version(s) CEE 9.0.0.0, contain(s) an Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Common Anti-Virus Agent (CAVA). An unauthenticated attacker with remote access could p…
Low
CVSS: 2.0
Improper restriction of communication channel to intended endpoints in some Intel(R) PROSet/Wireless WiFi and Killerâ„¢ WiFi software before version 23.80 may allow an unauthenticated user to potentially enable information disclosure via ad…