CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

690 matches found

Vulnrichment•added 2024/01/03 1:50 a.m.•1 views

CVE-2023-50350 A broken cryptographic algorithm impacts MyXalytics

HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption, potentially giving an attacker ability to decrypt sensitive information...

8.2CVSS7AI score0.00035EPSS

Exploits0References1

Tenable Nessus•added 2024/01/03 12:0 a.m.•20 views

Moxa ioLogik E1200 Series Use of a Broken or Risky Cryptographic Algorithm (CVE-2023-5962)

A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization. This plugin...

6.5CVSS6.4AI score0.00069EPSS

Exploits0References2

Rosalinux•added 2023/12/26 11:51 a.m.•24 views

Advisory ROSA-SA-2023-2316

Software: libgcrypt 1.8.5 OS: ROSA Virtualization 2.1 packageevrstring: libgcrypt-1.8.5-7.rv3.src.rpm CVE-ID: CVE-2021-40528 BDU-ID: 2022-00593 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Libgcrypt cryptographic library is related to the use of a weak cryptographic algorithm. Exploitation ...

5.9CVSS6.7AI score0.00097EPSS

Exploits1

NVD•added 2023/12/23 9:15 a.m.•10 views

CVE-2023-5962

6.5CVSS0.00069EPSS

Exploits0References1

Prion•added 2023/12/23 9:15 a.m.•9 views

Authorization

4CVSS7AI score0.00069EPSS

Exploits0References1Affected Software10

Cvelist•added 2023/12/23 9:9 a.m.•9 views

CVE-2023-5962 ioLogik E1200 Series: Weak Cryptographic Algorithm Vulnerability

6.5CVSS6.5AI score0.00069EPSS

Exploits0References1

IBM Security Bulletins•added 2023/12/18 5:47 p.m.•47 views

Security Bulletin: Vulnerability in CloudPak for AIOPs [CVE-2023-46233]

Summary Vulnerability was addressed in IBM Cloud Pak for AIOps version 4.3.0 CVE-2023-46233 Vulnerability Details CVEID:CVE-2023-46233 DESCRIPTION: Brix crypto-js could allow a remote attacker to obtain sensitive information, caused by the use of a weak cryptographic hash algorithm. By utilize...

9.1CVSS8.8AI score0.01112EPSS

Exploits0Affected Software1

Tenable Nessus•added 2023/12/13 12:0 a.m.•35 views

Ubuntu 20.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6548-3)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6548-3 advisory. It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive...

8.8CVSS7.3AI score0.08308EPSS

Exploits4References11

Tenable Nessus•added 2023/12/07 12:0 a.m.•68 views

RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP2 (RHSA-2023:7625)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7625 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...

9.8CVSS7.6AI score0.944EPSS

Exploits27References24

Github Security Blog•added 2023/12/06 6:30 a.m.•26 views

pubnub Insufficient Entropy vulnerability

Versions of the package pubnub before 7.4.0; all versions of the package com.pubnub:pubnub; versions of the package pubnub before 6.19.0; all versions of the package github.com/pubnub/go; versions of the package github.com/pubnub/go/v7 before 7.2.0; versions of the package pubnub before 7.3.0;...

5.9CVSS7AI score0.00381EPSS

Exploits1References21Affected Software9

NVD•added 2023/12/06 5:15 a.m.•17 views

CVE-2023-26154

5.9CVSS0.00381EPSS

Exploits1References17

CVE•added 2023/12/06 5:0 a.m.•64 views

CVE-2023-26154

CVE-2023-26154 corresponds to an Insufficient Entropy vulnerability in PubNub crypto, caused by the AES-256-CBC implementation’s insecure entropy/ key handling. Affected packages include PubNub core libraries across multiple languages (pubnub, com.pubnub:pubnub, github.com/pubnub/go and variants)...

5.9CVSS5.6AI score0.00381EPSS

Exploits1References17Affected Software4

Cvelist•added 2023/12/06 5:0 a.m.•14 views

CVE-2023-26154

5.9CVSS5.9AI score0.00381EPSS

Exploits1References17

OSV•added 2023/12/01 11:6 a.m.•1 views

OESA-2023-1859 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: An out-of-bounds read vulnerability was found in Netfilter Connection Tracking conntrack in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.CVE-2023-39197 A null pointer...

7.5CVSS6AI score0.00039EPSS

Exploits0References3

OSV•added 2023/11/16 6:15 p.m.•7 views

CVE-2023-6176

A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their...

4.7CVSS7.8AI score0.0001EPSS

Exploits0References7

NVD•added 2023/11/16 6:15 p.m.•11 views

CVE-2023-6176

4.7CVSS0.0001EPSS

Exploits0References7

Prion•added 2023/11/16 6:15 p.m.•34 views

Null pointer dereference

1CVSS6.8AI score0.0001EPSS

Exploits0References4Affected Software1