Lucene search
K

11341 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/16 2:10 p.m.5 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Use of a Broken or Risky Cryptographic Algorithm, Covert Timing Channel (CVE-2025-14813, CVE-2026-5598)

Summary There are vulnerabilities in bcprov-jdk18on-1.83.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-14813, CVE-2026-5598. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm...

9.9CVSS5.3AI score0.00691EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/16 2:23 a.m.9 views

SUSE CVE-2026-9641

Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations. The default algorithm is HMAC-SHA1, which should only be used for legacy systems. These versions default to using 1000 iterations. Depending on the chosen algorithm, 220,000 to 1,400,000...

5.3CVSS5.3AI score0.00226EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/16 12:34 a.m.9 views

EUVD-2026-37020

Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier...

6.9CVSS5.3AI score0.00232EPSS
Exploits0References5
NVD
NVD
added 2026/06/16 12:16 a.m.10 views

CVE-2026-9261

Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier...

9.8CVSS0.00184EPSS
Exploits0References4
NVD
NVD
added 2026/06/16 12:16 a.m.8 views

CVE-2026-9260

Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier...

9.8CVSS0.00232EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2026/06/16 12:0 a.m.7 views

Moderate: opencryptoki security update

The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor with the PKCS11 firmware loaded, the IBM eServer Cryptographic Accelerator FC 4960 ...

6.8CVSS5.4AI score0.0016EPSS
Exploits1References4
CVE
CVE
added 2026/06/15 11:39 p.m.14 views

CVE-2026-9261

The CVE relates to Canon EOS Network Setting Tool (Canon) versions 1.5.0 or earlier that use weak SSH cryptographic algorithms. Root cause: weak SSH crypto in the tool could affect confidentiality and integrity (per CVSS metrics indicating high impact on these areas) with network access as the at...

9.8CVSS5.3AI score0.00184EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/06/15 11:38 p.m.18 views

CVE-2026-9260

CVE-2026-9260 concerns the Canon EOS Network Setting Tool, affected in version 1.5.0 or earlier. The underlying issue is the use of hard-coded cryptographic keys, which can undermine confidentiality, integrity, and availability of communications or data protected by these keys. The CVSS data indi...

9.8CVSS5.3AI score0.00232EPSS
Exploits0References4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/15 10:18 p.m.5 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Use of a Broken or Risky Cryptographic Algorithm (CVE-2026-5588)

Summary There are vulnerabilities in bcpkix-jdk18on-1.83.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-5588. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2026-5588 DESCRIPTION: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion...

7.5CVSS7.1AI score0.00392EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/06/15 5:24 p.m.8 views

GHSA-39PV-4J6C-2G6V @angular/common: Weak 32-Bit Cache Key Hashing in `HttpTransferCache` Leading to Cross-Request Data Leakage and State Poisoning

Angular's HttpTransferCache caches HTTP requests made during Server-Side Rendering SSR so that they can be reused during client-side hydration. This avoids repeating the same HTTP requests on the client. The cached responses are stored in TransferState using a cache key generated by hashing reque...

8.8CVSS5.3AI score0.0009EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/15 5:24 p.m.108 views

@angular/common: Weak 32-Bit Cache Key Hashing in `HttpTransferCache` Leading to Cross-Request Data Leakage and State Poisoning

Angular's HttpTransferCache caches HTTP requests made during Server-Side Rendering SSR so that they can be reused during client-side hydration. This avoids repeating the same HTTP requests on the client. The cached responses are stored in TransferState using a cache key generated by hashing reque...

8.8CVSS5.3AI score0.0009EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/15 3:5 p.m.7 views

SUSE-SU-2026:2399-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delt...

8.8CVSS8.3AI score0.02719EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2026/06/15 2:36 p.m.10 views

CVE-2026-9638

Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

7.5CVSS5.2AI score0.00305EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 10:5 a.m.13 views

EUVD-2026-36712

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key. This...

6.8CVSS5.3AI score0.0012EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/15 10:5 a.m.8 views

CVE-2026-34029 Hard-coded cryptographic key in Wertheim SafeController Software allows decryption of sensitive configuration data

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key. This...

6.8CVSS5.2AI score0.0012EPSS
Exploits1References2
CVE
CVE
added 2026/06/15 10:5 a.m.21 views

CVE-2026-34029

The CVE-2026-34029 entry affects Wertheim SafeController Software (AssemblyVersion 6.15.8328.28014). A hard-coded cryptographic key exists in SafeSystem.Infrastructure.Security.dll that an attacker with access to application files can reverse‑engineer to recover. This key enables decrypting licen...

6.8CVSS5.3AI score0.0012EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/15 10:5 a.m.38 views

CVE-2026-34029 Hard-coded cryptographic key in Wertheim SafeController Software allows decryption of sensitive configuration data

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key. This...

6.8CVSS0.0012EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/15 10:2 a.m.8 views

CVE-2026-34021 Lack of cryptographic protection in Wertheim SafeController 5400 enables RS-485 message sniffing and replay

The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcontroller without cryptographic protection. An attacker with access to the communication path between the server and the microcontroller can sniff RS-485...

8.6CVSS5.4AI score0.00196EPSS
Exploits0References2
CVE
CVE
added 2026/06/15 10:2 a.m.19 views

CVE-2026-34021

The CVE-2026-34021 entry concerns Wertheim SafeController 5400 (Controller 5400) with AssemblyVersion 6.11.8130.22320. The root cause is lack of cryptographic protection in RS-485 communications between the server and the microcontroller. This enables an attacker with access to the RS-485 path to...

8.6CVSS5.5AI score0.00196EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/15 10:2 a.m.36 views

CVE-2026-34021 Lack of cryptographic protection in Wertheim SafeController 5400 enables RS-485 message sniffing and replay

The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcontroller without cryptographic protection. An attacker with access to the communication path between the server and the microcontroller can sniff RS-485...

8.6CVSS0.00196EPSS
Exploits0References2
Rows per page
Query Builder