
818 matches found

CNVD
added 2024/04/24 12:0 a.m. · 10 views

IBM Aspera Faspex Encryption Problem Vulnerability

IBM Aspera is a set of fast file transfer and streaming solutions from International Business Machines (IBM), built on the IBM FASP protocol. IBM Aspera Faspex has an encryption issue vulnerability that an attacker can exploit to obtain sensitive information...

5.5 CVSS · 6.3 AI score · 0.00137 EPSS
Exploits 0 · References 1

CNNVD
added 2024/04/19 12:0 a.m. · 3 views

IBM Aspera Encryption Issue Vulnerability

IBM Aspera is a set of fast file transfer and streaming solutions from International Business Machines (IBM), built on the IBM FASP protocol. IBM Aspera Faspex has an encryption issue vulnerability that an attacker can exploit to obtain sensitive information...

5.5 CVSS · 6.5 AI score · 0.00137 EPSS
Exploits 0 · References 3

CNNVD
added 2024/03/11 12:0 a.m. · 5 views

Google Pixel Security Breach

Google Pixel is a smartphone from the American company Google. Google Pixel suffers from a security vulnerability that stems from improper use of encryption in the TBD module, which could lead to authentication bypass...

8.4 CVSS · 6.8 AI score · 0.00097 EPSS
Exploits 0 · References 3

CNVD
added 2024/03/06 12:0 a.m. · 5 views

Dell PowerScale OneFS Information Disclosure Vulnerability (CNVD-2024-16220)

Dell PowerScale OneFS is an operating system from Dell (USA) that provides horizontal scaling of NAS. An information disclosure vulnerability exists in Dell PowerScale OneFS that arises from the use of broken or risky encryption algorithms. An...

9.1 CVSS · 6.2 AI score · 0.00281 EPSS
Exploits 0 · References 1

RedHat Linux
added 2024/03/05 6:22 p.m. · 3 views

mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2023)

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

2.7 CVSS · 5.7 AI score · 0.00809 EPSS
Exploits 0 · References 4

Prion
added 2024/03/01 11:15 a.m. · 21 views

Code injection

Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext...

2.6 CVSS · 7.1 AI score · 0.00132 EPSS
Exploits 0 · References 1

RedHat Linux
added 2024/02/20 12:40 p.m. · 3 views

mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2023)

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

2.7 CVSS · 5.7 AI score · 0.00809 EPSS
Exploits 0 · References 4

Veracode
added 2024/02/06 12:16 p.m. · 25 views

Timing Attack

Cryptography is vulnerable to a Timing Attack. This vulnerability is due to the predictable structure of padding in ciphertexts during RSA encryption. This flaw enables an attacker to distinguish between different types of padding errors, potentially leading to the decryption of captured messages...

7.5 CVSS · 6.8 AI score · 0.01118 EPSS
Exploits 0 · References 4 · Affected Software 1

Positive Technologies
added 2024/01/30 12:0 a.m. · 3 views

PT-2024-40543 · Amazon · Awskms

Name of the Vulnerable Software and Affected Versions: awskms and aesgcm providers (affected versions not specified). Description: The issue concerns the risk of an IV collision when using the awskms or aesgcm provider for encryption, particularly in scenarios like database column encryption where...

6.7 AI score
Exploits 0 · References 3

IBM Security Bulletins
added 2024/01/29 7:18 p.m. · 23 views

Security Bulletin: TLS padding vulnerability affects Content Manager Enterprise Edition (CVE-2014-8730)

Summary: Transport Layer Security (TLS) padding vulnerability via a POODLE (Padding Oracle On Downgraded Legacy Encryption)-like attack affects Content Manager Enterprise Edition. Vulnerability Details: CVE-ID: CVE-2014-8730. Description: Product could allow a remote attacker to obtain sensitive...

4.3 CVSS · 2.6 AI score · 0.1372 EPSS
Exploits 0 · Affected Software 1

Prion
added 2024/01/09 7:15 a.m. · 9 views

Design/Logic Flaw

An issue was discovered in savignano S/Notify before 4.0.2 for Confluence. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visitin...

5.8 CVSS · 7.3 AI score · 0.00173 EPSS
Exploits 0 · References 1 · Affected Software 1

Vulnrichment
added 2024/01/09 12:0 a.m. · 7 views

CVE-2023-50930

An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a...

8.3 CVSS · 7.3 AI score · 0.00193 EPSS
Exploits 0 · References 1

OSV
added 2024/01/03 2:15 a.m. · 3 views

CVE-2023-50350

HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption, potentially giving an attacker ability to decrypt sensitive information...

7.5 CVSS · 5.8 AI score · 0.00154 EPSS
Exploits 0 · References 1

CNNVD
added 2023/12/23 12:0 a.m. · 4 views

MOXA ioLogik E1200 Series Encryption Issue Vulnerability

MOXA ioLogik E1200 Series is a series of general-purpose controllers and I/O devices from MOXA, China. The MOXA ioLogik E1200 Series suffers from an encryption issue vulnerability that can be exploited by attackers to obtain sensitive information...

6.5 CVSS · 6.6 AI score · 0.00278 EPSS
Exploits 0 · References 2

Cvelist
added 2023/11/27 12:0 a.m. · 26 views

CVE-2023-48034

An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption...

6.3 AI score · 0.00248 EPSS
Exploits 0 · References 1

PyPA
added 2023/11/20 11:15 p.m. · 8 views

PYSEC-2023-302

An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding...

7.5 CVSS · 6.7 AI score · 0.00248 EPSS
Exploits 1 · References 2 · Affected Software 1

ATTACKERKB
added 2023/11/16 6:15 p.m. · 4 views

CVE-2023-48055

SuperAGI v0.0.13 was discovered to use a hardcoded key for encryption operations. This vulnerability can lead to the disclosure of information and communications...

7.5 CVSS · 5.8 AI score · 0.00371 EPSS
Exploits 0 · References 2

OSV
added 2023/11/16 6:15 p.m. · 13 views

CVE-2023-48056

PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

7.5 CVSS · 6.5 AI score
Exploits 0 · References 3

Prion
added 2023/11/16 6:15 p.m. · 15 views

Hardcoded credentials

SuperAGI v0.0.13 was discovered to use a hardcoded key for encryption operations. This vulnerability can lead to the disclosure of information and communications...

5 CVSS · 7.1 AI score · 0.00371 EPSS
Exploits 0 · References 1 · Affected Software 1

CNVD
added 2023/11/15 12:0 a.m. · 34 views

Weak Encryption Vulnerability in Multiple Siemens Products

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers. The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers (PLCs) or Human Machine Interfaces (HMIs), that comply with the IEEE 802.11...

6.9 CVSS · 6.7 AI score · 0.00446 EPSS
Exploits 0 · References 1