Lucene search
+L

4 matches found

NVD
NVD
added 2026/07/07 4:16 p.m.10 views

CVE-2026-14969

A flaw was found in 389-ds-base where the LDBM backend attribute encryption uses a hardcoded static initialization vector for AES-CBC and 3DES-CBC operations, allowing an attacker with privileged filesystem access to detect plaintext equality across encrypted entries by comparing ciphertext block...

4.4CVSS0.00077EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/28 5:17 p.m.13 views

CVE-2026-45787 electerm's encrypt method not safe enough

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no MAC leads to confidentiality and integrity failures for synced bookmark/profile data. Attackers can crack common...

6CVSS5.8AI score0.00105EPSS
Exploits0References2
OSV
OSV
added 2022/08/15 11:21 a.m.2 views

CVE-2022-37400

Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where the required initialization vector for encryption was always the same...

8.8CVSS5.8AI score0.0082EPSS
Exploits0References2
CNVD
CNVD
added 2020/04/20 12:0 a.m.3 views

Zoom Client Encryption Issue Vulnerability

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. An encryption issue vulnerability exists in Zoom Client for Meetings version 4.6.11, which stems from the airhost.exe file using 3423423432325249 as the initialization vector IV for AES-256 CBC...

7.5CVSS7AI score0.01524EPSS
Exploits1References1
Rows per page
Query Builder