Lucene search
K

60 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-28836

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00305EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-8245

Malicious code in bioql PyPI...

7.4CVSS6AI score0.0047EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-55663

Malicious code in bioql PyPI...

8.3CVSS7AI score0.00173EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-35000

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00323EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-2545

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES 3DES cryptographic algorithm is used to protect emails se...

2.3CVSS5.5AI score0.0016EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-38158

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after...

5.5CVSS6AI score0.00092EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/09 3:39 p.m.3 views

CVE-2025-53671

Jenkins Nouvola DiveCloud Plugin 1.08 and earlier does not mask DiveCloud API Keys and Credentials Encryption Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

7AI score0.00175EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.5 views

The Security Overview and Analysis of 3GPP 5G MAC CE

To more effectively control and allocate network resources, MAC CE has been introduced into the network protocol, which is a type of control signaling located in the MAC layer. Since MAC CE lacks encryption and integrity protection mechanisms provided by PDCP, the control signaling carried by MAC...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:8 a.m.7 views

CVE-2023-50930

An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a...

8.3CVSS7.1AI score0.00193EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:46 p.m.9 views

CVE-2022-29482

'Mobaoku-Auction Market' App for iOS versions prior to 5.5.16 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack...

4.3CVSS6.4AI score0.00344EPSS
Exploits0References1
CVE
CVE
added 2025/03/22 12:0 a.m.148 views

CVE-2025-30472

CVE-2025-30472 is a vulnerability in the Corosync library (through 3.1.9) that enables a stack-based buffer overflow when encryption is disabled or the attacker knows the key and processes a large UDP packet. Connected sources specify affected contexts (Corosync 3.1.x) and note fixes: IBM/Db2 bul...

9.8CVSS7.4AI score0.00433EPSS
Exploits1References4Affected Software1
ICS
ICS
added 2025/02/11 12:0 a.m.5 views

Siemens SIPROTEC 5

SUMMARY Affected SIPROTEC 5 devices do not encrypt certain data within the on-board flash storage on their PCB. This could allow an attacker with physical access to read the sensitive information from the filesystem of the device. Siemens is preparing fix versions and recommends specific...

5.1CVSS6.7AI score0.00153EPSS
Exploits0References10
CVE
CVE
added 2025/01/23 4:37 p.m.61 views

CVE-2024-52331

ECOVACS robot lawnmowers and vacuums are affected by CVE-2024-52331 due to a deterministic symmetric key used to decrypt firmware updates. This allows an attacker to create and encrypt malicious firmware that will be decrypted and installed by the device. The description and connected entries con...

7.7CVSS7.5AI score0.00209EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/06/14 12:0 a.m.4 views

PT-2024-21694 · Toshiba · Toshiba Printers

Name of the Vulnerable Software and Affected Versions: Toshiba printers affected versions not specified Description: The issue concerns Toshiba printers that have programs containing a hardcoded key used for file encryption. An attacker can exploit this by using the hardcoded key to decrypt...

6.2CVSS6.9AI score0.00156EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/05/18 12:0 a.m.3 views

PT-2024-25694 · Aiosmtpd · Aiosmtpd

Name of the Vulnerable Software and Affected Versions: aiosmtpd versions prior to 1.4.6 Description: The issue concerns servers based on aiosmtpd, which accept extra unencrypted commands after STARTTLS, treating them as if they came from inside the encrypted connection. This could be exploited by...

5.4CVSS7AI score0.00371EPSS
Exploits0References20
OSV
OSV
added 2023/11/28 7:15 a.m.6 views

DEBIAN-CVE-2023-24023

Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS...

6.8CVSS6.4AI score0.01297EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/06/13 12:0 a.m.7 views

Fortinet FortiSIEM 加密问题漏洞

Fortinet FortiSIEM is a suite of security information and event management systems from the American company Fiat Fortinet. The system includes features such as asset discovery, workflow automation and unified management. A security vulnerability exists in Fortinet FortiSIEM versions prior to 6.7...

7.5CVSS7.2AI score0.00359EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:40 a.m.3 views

SUSE CVE-2021-32728

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.3.0, the Nextcloud Desktop client fails to check if a privat...

6.5CVSS6.2AI score0.00851EPSS
Exploits1References3
OSV
OSV
added 2022/08/13 11:4 a.m.5 views

OESA-2022-1833 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under so...

5.3CVSS6.9AI score0.04425EPSS
Exploits0References2
OSV
OSV
added 2022/03/10 5:43 p.m.5 views

CVE-2021-3981

A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventually read any encrypted passwords present in...

3.3CVSS3.6AI score
Exploits0References4
Rows per page
Query Builder