1413 matches found
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File. When the logging level is set to DEBUG, the client-side encryption master key of the target stage is logged locally in a JSON object under the queryStageMasterKey key during the executio...
GHSA-Q298-375F-5Q63 Snowflake JDBC Driver client-side encryption key in DEBUG logs
Issue Snowflake discovered and remediated a vulnerability in the Snowflake JDBC driver “Driver”. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption master key of the target stage during the execution of GET/PUT commands. This key by itself does not...
CVE-2025-2229 Philips Intellispace Cardiovascular (ISCV) Use of Weak Credentials
A token is created using the username, current date/time, and a fixed AES-128 encryption key, which is the same across all installations...
Snowflake JDBC Driver log information disclosure vulnerability
Snowflake JDBC Driver is an open source JDBC driver from Snowflake Computing. A log information disclosure vulnerability exists in Snowflake JDBC Driver versions 3.0.13 through 3.23.0, which stems from the Driver locally logging the client-side encryption master key for the target stage...
kernel: cifs: Return correct error code from smb2_get_enc_key
In the Linux kernel, the following vulnerability has been resolved: cifs: Return correct error code from smb2_get_enc_key Avoid a warning if the error percolates back up: 440700.376476 CIFS VFS: \otters.example.com cryptmessage: Could not get encryption key 440700.386947 ------------ cut here...
Jenkins security vulnerability
Jenkins is an open source automation server that provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins versions 2.499 and earlier and 2.492.1 and earlier, which stems from an...
Linux Distros Unpatched Vulnerability : CVE-2023-24023
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-midd...
Jenkins security vulnerability
Jenkins is an open source automation server that provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins versions 2.499 and earlier and 2.492.1 and earlier, which stems from an unhidde...
Linux Distros Unpatched Vulnerability : CVE-2024-46795
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer...
Minut M2 security vulnerability
Minut M2 is an outdoor sensor from Minut. A security vulnerability exists in Minut M2 version 15142, which originates from internal flash encryption key extraction and could lead to a physically proximate attacker injecting modifications to the firmware...
SunGrow iSolarCloud security vulnerability
SunGrow iSolarCloud is an Android app for new energy power plant management from SunGrow of China. It is used for power plant data collection, monitoring, operation and maintenance, and operation management. A security vulnerability exists in the SunGrow iSolarCloud Android app version...
CVE-2025-1053
Under certain error conditions at time of SANnav installation or upgrade, the encryption key can be written into and obtained from a Brocade SANnav supportsave. An attacker with privileged access to the Brocade SANnav database could use the encryption key to obtain passwords used by Brocade SANna...
CVE-2025-1053 Brocade SANnav encryption key is logged in the debug logs
Under certain error conditions at time of SANnav installation or upgrade, the encryption key can be written into and obtained from a Brocade SANnav supportsave. An attacker with privileged access to the Brocade SANnav database could use the encryption key to obtain passwords used by Brocade SANna...
CVE-2025-1053
CVE-2025-1053 affects Brocade SANnav. Under certain error conditions during installation or upgrade, the encryption key can be written to and retrieved from a SANnav supportsave. An attacker with privileged access to the SANnav database could use that key to obtain passwords used by SANnav. Conne...
Broadcom SANnav security vulnerability
Broadcom SANnav is a suite of SAN management platforms from Broadcom Corporation (USA). A security vulnerability exists in Broadcom SANnav that stems from an encryption key that could be written to and retrieved from Brocade SANnav's supportsave during Brocade SANnav installations or upgrades under...
Brocade SANnav encryption key is logged in the debug logs (CVE-2025-1053)
Under certain error conditions at time of Brocade SANnav installation or upgrade, the encryption key can be written into and obtained from a Brocade SANnav supportsave. An attacker with privileged access to the Brocade SANnav database could use the encryption key to obtain passwords used by Broca...
CVE-2024-38404
Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem...
CVE-2020-5248
GLPI before version 9.4.6 has a vulnerability involving a default encryption key. GLPIKEY is public and is used on every instance. This means anyone can decrypt sensitive data stored using this key. It is possible to change the key before installing GLPI. But on existing instances, data mu...