Lucene search
K

83 matches found

Cvelist
Cvelist
added 5 days ago34 views

CVE-2026-5142 Foreman: foreman: cross-tenant private ssh key disclosure via taxonomy scoping bypass

A flaw was found in foreman. Authenticated users with 'viewkeypairs' permission can bypass taxonomy scoping, allowing them to download private SSH Secure Shell keys from other organizations by directly querying key pair IDs. This vulnerability leads to cross-tenant data exposure in multi-tenant...

6.5CVSS0.0027EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.9 views

cryptography 安全漏洞

cryptography is an open-source Python encryption library developed by Python Cryptographic Authority. Versions of cryptography prior to 46.0.5 contained security vulnerabilities. These vulnerabilities stemmed from multiple public key-related functions that did not verify whether the point belonge...

8.2CVSS6.9AI score0.00341EPSS
Exploits0References5
CNVD
CNVD
added 2025/10/31 12:0 a.m.5 views

ZTE ZXMP M721 Private Key Disclosure Vulnerability

The ZTE ZXMP M721 is a metro edge OTN Optical Transport Network device from ZTE, China. The ZTE ZXMP M721 suffers from a private key disclosure vulnerability, which originates from a low-privilege user being able to bypass authorization checks to view the device's communication private key, and...

7.7CVSS5.9AI score0.00311EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/28 8:55 a.m.12 views

CVE-2025-46582

A private key disclosure vulnerability exists in ZTE's ZXMP M721 product. A low-privileged user can bypass authorization checks to view the device's communication private key, resulting in key exposure and impacting communication security...

7.7CVSS6.6AI score0.00311EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/27 8:44 a.m.4 views

EUVD-2025-36130

A private key disclosure vulnerability exists in ZTE's ZXMP M721 product. A low-privileged user can bypass authorization checks to view the device's communication private key, resulting in key exposure and impacting communication security...

7.7CVSS6.1AI score0.00311EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.8 views

PT-2025-43911

Name of the Vulnerable Software and Affected Versions ZTE ZXMP M721 affected versions not specified Description A private key disclosure issue exists in the ZTE ZXMP M721 product. A user with low privileges can bypass authorization checks to view the device's communication private key, leading to...

7.7CVSS6.2AI score0.00311EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.6 views

Sauter modu680-AS 信任管理问题漏洞

Sauter modu680-AS is a modular automation station cum web server from Sauter, Switzerland. A trust management issue vulnerability exists in Sauter modu680-AS, which stems from the use of hard-coded certificates to verify the authenticity of SOAP messages, which could lead to private key disclosur...

7.5CVSS6.6AI score0.00246EPSS
Exploits0References2
OSV
OSV
added 2025/10/11 1:20 p.m.8 views

OESA-2025-2384 xml-security security update

The XML Security project is aimed at providing implementation of security standards for XML. Currently the focus is on the W3C standards : - XML-Signature Syntax and Processing; and - XML Encryption Syntax and Processing. Security Fixes: All versions of Apache Santuario - XML Security for Java...

6.5CVSS6.9AI score0.01212EPSS
Exploits0References2
OSV
OSV
added 2025/10/11 1:20 p.m.5 views

OESA-2025-2381 xml-security security update

The XML Security project is aimed at providing implementation of security standards for XML. Currently the focus is on the W3C standards : - XML-Signature Syntax and Processing; and - XML Encryption Syntax and Processing. Security Fixes: All versions of Apache Santuario - XML Security for Java...

6.5CVSS6.9AI score0.01212EPSS
Exploits0References2
OSV
OSV
added 2025/10/11 1:20 p.m.8 views

OESA-2025-2380 xml-security security update

The XML Security project is aimed at providing implementation of security standards for XML. Currently the focus is on the W3C standards : - XML-Signature Syntax and Processing; and - XML Encryption Syntax and Processing. Security Fixes: All versions of Apache Santuario - XML Security for Java...

6.5CVSS6.9AI score0.01212EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-14749

Malware in sbrugna...

6.5CVSS6.6AI score0.00979EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-13689

Malware in sbrugna...

6.5CVSS6.6AI score0.01018EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-1544

Malware in sbrugna...

5.9CVSS6.3AI score0.12154EPSS
Exploits0References37
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-2836

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.01212EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-24516

Malicious code in bioql PyPI...

6.2CVSS6.5AI score0.00116EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/02 12:0 a.m.3 views

Flock Safety DetectionProcessing 安全漏洞

Flock Safety DetectionProcessing is an algorithmic execution module from Flock Safety USA. A security vulnerability exists in Flock Safety DetectionProcessing version 6.35.33, which stems from a hard-coded keystore password in the code that could lead to private key disclosure...

9.8CVSS7.1AI score0.00519EPSS
Exploits1References4
NVD
NVD
added 2025/09/26 4:15 p.m.4 views

CVE-2025-56463

Mercusys MW305R 3.30 and below is has a Transport Layer Security TLS certificate private key disclosure...

6.8CVSS0.00185EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/09/26 12:0 a.m.3 views

CVE-2025-56463

Mercusys MW305R 3.30 and below is has a Transport Layer Security TLS certificate private key disclosure...

6.6AI score0.00185EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-44483

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a privat...

6.5CVSS6.6AI score0.01212EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-36421

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a side channel in modular exponentiation, an RSA private key used in a secure enclave could be...

5.3CVSS6AI score0.01582EPSS
Exploits1References2
Rows per page
Query Builder