CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prior to UR firmware Version 8.1x, UR supported various encryption and MAC algorithms for SSH communication, some of which are weak. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

7.5CVSS7AI score0.95707EPSS

Exploits7References3

CVE•added 2025/09/09 2:11 a.m.•15 views

CVE-2025-42933

CVE-2025-42933 affects SAP Business One through the SLD backend service, where a flaw in enforcing encryption of certain APIs exposes sensitive credentials in HTTP response bodies. The issue impacts confidentiality, integrity, and availability. CVSS 3.1 base score 8.8 (Network, Low attack complex...

8.8CVSS6.1AI score0.00257EPSS

Exploits0References2

NVD•added 2025/08/28 9:15 a.m.•2 views

CVE-2025-46409

Inadequate encryption strength issue exists in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier. If this vulnerability is exploited, a function that requires authentication may be accessed by a remote unauthenticated attacker...

8.7CVSS0.00215EPSS

Exploits0References2

CVE•added 2025/08/28 8:27 a.m.•17 views

CVE-2025-46409

SS1 is affected by CVE-2025-46409 (Inadequate encryption strength) in SS1 Ver.16.0.0.10 and earlier (Media 16.0.0a and earlier). The issue may allow a remote, unauthenticated user to access a function that requires authentication. Public references also document additional vulnerabilities in SS1 ...

8.7CVSS7.7AI score0.00215EPSS

Exploits0References2

CNNVD•added 2025/08/28 12:0 a.m.•1 views

DOS & CO SS1 加密问题漏洞

DOS & CO SS1 is an asset management tool from DOS & CO Japan. An encryption issue vulnerability exists in DOS & CO SS1 Ver.16.0.0.10 and earlier versions, which stems from insufficient encryption strength and could lead to unauthorized access...

8.7CVSS7.5AI score0.00215EPSS

Exploits0References3

Positive Technologies•added 2025/08/28 12:0 a.m.•2 views

PT-2025-34972

Name of the Vulnerable Software and Affected Versions: SS1 versions 16.0.0.10 and earlier SS1 Media versions 16.0.0a and earlier Description: An inadequate encryption strength issue exists that may allow a remote, unauthenticated attacker to access a function requiring authentication...

8.7CVSS7.7AI score0.00215EPSS

Exploits0References5

NVD•added 2025/08/27 6:15 a.m.•2 views

CVE-2025-9513

A flaw has been found in editso fuso up to 1.0.4-beta.7. This affects the function PenetrateRsaAndAesHandshake of the file src/net/penetrate/handshake/mod.rs. This manipulation of the argument privkey causes inadequate encryption strength. Remote exploitation of the attack is possible. A high...

6.3CVSS0.00141EPSS

Exploits0References4

CVE•added 2025/08/27 5:32 a.m.•13 views

CVE-2025-9513

The CVE-2025-9513 issue affects editso fuso up to version 1.0.4-beta.7. The vulnerable component is PenetrateRsaAndAesHandshake in src/net/penetrate/handshake/mod.rs, where manipulating the priv_key argument leads to inadequate encryption strength. This enables remote exploitation, though exploit...

6.3CVSS4.2AI score0.00141EPSS

Exploits0References4

RedhatCVE•added 2025/08/22 6:26 p.m.•5 views

CVE-2025-9239

A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STRPARAM with the input Passw0rd...

6.3CVSS4.1AI score0.00178EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by