147 matches found
Inadequate Encryption Strength
Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength due to insufficient enforcement of length and entropy requirements for the JWTSECRET configuration value. An attacker can gain unauthorized access to user accounts by forging authentication tokens using we...
Inadequate Encryption Strength
github.com/enchant97/note-mark/backend is vulnerable to Inadequate Encryption Strength. The vulnerability is due to missing enforcement of minimum length and entropy requirements for the JWTSECRET value, which allows an attacker to brute-force weak secrets and forge valid JWT tokens...
Inadequate Encryption Strength
Overview github.com/pion/dtls is a DTLS 1.2 Server/Client implementation for Go. Affected versions of this package are vulnerable to Inadequate Encryption Strength due to the use of the random nonce generation with AES GCM ciphers. An attacker can obtain the authentication key and spoof data by...
Inadequate Encryption Strength
Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength due to the use of the random nonce generation with AES GCM ciphers. An attacker can obtain the authentication key and spoof data by exploiting nonce reuse within a session. Remediation Upgrade...
CVE-2020-10636
Inadequate encryption may allow the passwords for Emerson OpenEnterprise versions through 3.3.4 user accounts to be obtained...
Siemens RUGGEDCOM Devices Inadequate Encryption Strength (CVE-2021-37209)
The SSH server on affected devices is configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in- the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device. This plugin only works with...
Inadequate Encryption Strength
Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength via the SMTP process. An attacker can intercept sensitive information by performing a man-in-the-middle attack that prevents the use of TLS, causing data to be sent over an unencrypted connection...
Inadequate Encryption Strength
Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength via the SMTP process. An attacker can intercept sensitive information by performing a man-in-the-middle attack that prevents the use of TLS, causing data to be sent over an unencrypted connection...
Inadequate Encryption Strength
Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength via the SMTP process. An attacker can intercept sensitive information by performing a man-in-the-middle attack that prevents the use of TLS, causing data to be sent over an unencrypted connection...
Inadequate Encryption Strength
Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength via the SMTP process. An attacker can intercept sensitive information by performing a man-in-the-middle attack that prevents the use of TLS, causing data to be sent over an unencrypted connection...
Inadequate Encryption Strength
Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength via the SMTP process. An attacker can intercept sensitive information by performing a man-in-the-middle attack that prevents the use of TLS, causing data to be sent over an unencrypted connection...
EUVD-2025-34346
Microsoft Security Advisory CVE-2025-55248: .NET Information Disclosure Vulnerability...
Inadequate Encryption Strength
Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength via the SMTP process. An attacker can intercept sensitive information by performing a man-in-the-middle attack that prevents the use of TLS, causing data to be sent over an unencrypted connection...
CVE-2025-55248
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network...
EUVD-2020-28690
Malware in sbrugna...
EUVD-2017-14269
Malware in sbrugna...
EUVD-2023-31165
Malicious code in bioql PyPI...
EUVD-2024-19492
Malicious code in bioql PyPI...
EUVD-2021-27520
Malicious code in bioql PyPI...
EUVD-2024-20002
Malicious code in bioql PyPI...