Lucene search
K

1126 matches found

Cvelist
Cvelist
added 5 days ago30 views

CVE-2025-63579

Unauthorized use of Kyocera printers, allows all information stored in the Kyocera address book to be exported. The security measure that encrypts incoming data ian be bypassed with this vulnerability, allowing encrypted data to be decrypted. Passwords and other sensitive information can be...

0.00199EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 6 days ago5 views

Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive Data due to EncryptInterceptor bypass

A flaw was found in Apache Tomcat. This vulnerability, categorized as Missing Encryption of Sensitive Data, arises from a bypass in the EncryptInterceptor, a component designed to ensure data encryption. This bypass, introduced as a fix for CVE-2026-29146, allows sensitive data to remain...

7.5CVSS7.2AI score0.21691EPSS
Exploits6References5
RedHat Linux
RedHat Linux
added 6 days ago5 views

Apache Tomcat: Apache Tomcat: Missing Encryption of Sensitive Data due to EncryptInterceptor bypass

A flaw was found in Apache Tomcat. This vulnerability, categorized as Missing Encryption of Sensitive Data, arises from a bypass in the EncryptInterceptor, a component designed to ensure data encryption. This bypass, introduced as a fix for CVE-2026-29146, allows sensitive data to remain...

7.5CVSS6.1AI score0.21691EPSS
Exploits6References5
Cvelist
Cvelist
added last week46 views

CVE-2026-14969 389-ds-base: 389-ds-base: static initialization vector in aes-cbc/3des-cbc attribute encryption

A flaw was found in 389-ds-base where the LDBM backend attribute encryption uses a hardcoded static initialization vector for AES-CBC and 3DES-CBC operations, allowing an attacker with privileged filesystem access to detect plaintext equality across encrypted entries by comparing ciphertext block...

4.4CVSS0.00077EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.10 views

CVE-2025-59852

HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability where data is transmitted over the network without encryption, which could allow an attacker to compromise the confidentiality, integrity, and authentication of sensitive information...

9.1CVSS5.5AI score0.00088EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.10 views

CVE-2026-36606

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 encrypts configuration backups with a hardcoded DES key using single DES in ECB mode. An attacker who obtains a backup file can decrypt it to recover all stored credentials including admin password, WiFi PSK, and DDNS credentials...

7.1CVSS5.5AI score0.00104EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2026/06/05 3:47 p.m.28 views

K000161601: Apache Tomcat vulnerability CVE-2026-34486

Security Advisory Description Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. Users are recommended to upgrade to version 11.0.21,...

7.5CVSS5.8AI score0.21691EPSS
Exploits6Affected Software1
EUVD
EUVD
added 2026/06/04 7:22 a.m.10 views

EUVD-2026-34222

The device encrypts data using AES-CBC with static zero-filled Initialization Vectors IVs, making it susceptible to replay attacks and known-plaintext decryption...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.14 views

PT-2026-46160

High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle MITM actor could decrypt network traffic...

9.2CVSS5.8AI score0.00141EPSS
Exploits0References2
NVD
NVD
added 2026/06/03 6:16 p.m.18 views

CVE-2026-36606

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 encrypts configuration backups with a hardcoded DES key using single DES in ECB mode. An attacker who obtains a backup file can decrypt it to recover all stored credentials including admin password, WiFi PSK, and DDNS credentials...

7.1CVSS0.00104EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/03 12:0 a.m.9 views

CVE-2026-36606

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 encrypts configuration backups with a hardcoded DES key using single DES in ECB mode. An attacker who obtains a backup file can decrypt it to recover all stored credentials including admin password, WiFi PSK, and DDNS credentials...

5.8AI score0.00104EPSS
Exploits0References1
CVE
CVE
added 2026/06/03 12:0 a.m.18 views

CVE-2026-36606

CVE-2026-36606 affects Mercusys AC12G (EU) V1 router running firmware AC12G(EU)_V1_200909. The vulnerability stems from encrypting configuration backups with a hardcoded DES key using single DES in ECB mode. An attacker who gains a backup file can decrypt it to recover all stored credentials, inc...

7.1CVSS5.8AI score0.00104EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/29 8:13 p.m.12 views

CVE-2026-5065

IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...

8.8CVSS5.8AI score0.0019EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 2:17 p.m.13 views

CVE-2026-5065

IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...

8.8CVSS0.0019EPSS
Exploits0References1
OSV
OSV
added 2026/05/27 2:17 p.m.7 views

UBUNTU-CVE-2026-46077

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-tdes - fix DMA sync direction Before DMA output is consumed by the CPU, -dmaaddrout must be synced with dmasyncsingleforcpu instead of dmasyncsinglefordevice. Using the wrong direction can return stale cache data on...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/05/27 12:56 p.m.8 views

CVE-2026-5065 IBM Controller is affected by vulnerabilities

IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...

8.8CVSS5.8AI score0.0019EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 12:56 p.m.24 views

CVE-2026-5065

CVE-2026-5065: IBM Controller versions 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contain hard-coded credentials used for inbound authentication, outbound communication, or internal data encryption. Affected products: IBM Controller 11.0.1–11.1.2. Severity is high (CVSS v3.1: 8.8, NETWORK attack vector, ...

8.8CVSS5.8AI score0.0019EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/27 12:56 p.m.16 views

EUVD-2026-32423

IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...

8.8CVSS5.8AI score0.0019EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:56 p.m.7 views

CVE-2026-5065

IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...

8.8CVSS5.8AI score0.0019EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

IBM Controller 信任管理问题漏洞

IBM Controller is a web-based financial consolidation tool developed by the American multinational company International Business Machines IBM. Versions 11.0.1, 11.1.0, 11.1.1, and 11.1.2 of IBM Controller contain vulnerabilities related to trust management. These vulnerabilities stem from the us...

8.8CVSS5.9AI score0.0019EPSS
Exploits0References2
Rows per page
Query Builder