83 matches found
CVE-2026-5142 Foreman: foreman: cross-tenant private ssh key disclosure via taxonomy scoping bypass
A flaw was found in foreman. Authenticated users with 'viewkeypairs' permission can bypass taxonomy scoping, allowing them to download private SSH Secure Shell keys from other organizations by directly querying key pair IDs. This vulnerability leads to cross-tenant data exposure in multi-tenant...
cryptography 安全漏洞
cryptography is an open-source Python encryption library developed by Python Cryptographic Authority. Versions of cryptography prior to 46.0.5 contained security vulnerabilities. These vulnerabilities stemmed from multiple public key-related functions that did not verify whether the point belonge...
ZTE ZXMP M721 Private Key Disclosure Vulnerability
The ZTE ZXMP M721 is a metro edge OTN Optical Transport Network device from ZTE, China. The ZTE ZXMP M721 suffers from a private key disclosure vulnerability, which originates from a low-privilege user being able to bypass authorization checks to view the device's communication private key, and...
CVE-2025-46582
A private key disclosure vulnerability exists in ZTE's ZXMP M721 product. A low-privileged user can bypass authorization checks to view the device's communication private key, resulting in key exposure and impacting communication security...
EUVD-2025-36130
A private key disclosure vulnerability exists in ZTE's ZXMP M721 product. A low-privileged user can bypass authorization checks to view the device's communication private key, resulting in key exposure and impacting communication security...
PT-2025-43911
Name of the Vulnerable Software and Affected Versions ZTE ZXMP M721 affected versions not specified Description A private key disclosure issue exists in the ZTE ZXMP M721 product. A user with low privileges can bypass authorization checks to view the device's communication private key, leading to...
Sauter modu680-AS 信任管理问题漏洞
Sauter modu680-AS is a modular automation station cum web server from Sauter, Switzerland. A trust management issue vulnerability exists in Sauter modu680-AS, which stems from the use of hard-coded certificates to verify the authenticity of SOAP messages, which could lead to private key disclosur...
OESA-2025-2384 xml-security security update
The XML Security project is aimed at providing implementation of security standards for XML. Currently the focus is on the W3C standards : - XML-Signature Syntax and Processing; and - XML Encryption Syntax and Processing. Security Fixes: All versions of Apache Santuario - XML Security for Java...
OESA-2025-2381 xml-security security update
The XML Security project is aimed at providing implementation of security standards for XML. Currently the focus is on the W3C standards : - XML-Signature Syntax and Processing; and - XML Encryption Syntax and Processing. Security Fixes: All versions of Apache Santuario - XML Security for Java...
OESA-2025-2380 xml-security security update
The XML Security project is aimed at providing implementation of security standards for XML. Currently the focus is on the W3C standards : - XML-Signature Syntax and Processing; and - XML Encryption Syntax and Processing. Security Fixes: All versions of Apache Santuario - XML Security for Java...
EUVD-2017-14749
Malware in sbrugna...
EUVD-2021-13689
Malware in sbrugna...
EUVD-2018-1544
Malware in sbrugna...
EUVD-2023-2836
Malicious code in bioql PyPI...
EUVD-2024-24516
Malicious code in bioql PyPI...
Flock Safety DetectionProcessing 安全漏洞
Flock Safety DetectionProcessing is an algorithmic execution module from Flock Safety USA. A security vulnerability exists in Flock Safety DetectionProcessing version 6.35.33, which stems from a hard-coded keystore password in the code that could lead to private key disclosure...
CVE-2025-56463
Mercusys MW305R 3.30 and below is has a Transport Layer Security TLS certificate private key disclosure...
CVE-2025-56463
Mercusys MW305R 3.30 and below is has a Transport Layer Security TLS certificate private key disclosure...
Linux Distros Unpatched Vulnerability : CVE-2023-44483
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a privat...
Linux Distros Unpatched Vulnerability : CVE-2020-36421
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a side channel in modular exponentiation, an RSA private key used in a secure enclave could be...