Lucene search
K

144 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in mbedtls

A vulnerability was discovered in Mbed TLS before versions 2.28.2 and 3.x, prior to 3.3.0. An adversary with access to sufficiently precise information about memory accesses typically, an untrusted operating system attacking a secure environment can retrieve an RSA private key by observing the...

5.3CVSS6.1AI score0.00787EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.46 views

OpenSSL 3.6.0 < 3.6.3 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.6.3. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.6.3 advisory. - Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification...

9.1CVSS7.3AI score0.02719EPSS
Exploits0References53
NVD
NVD
added 2026/06/04 2:16 p.m.12 views

CVE-2026-45433

This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...

8.7CVSS0.00344EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 12:13 p.m.10 views

CVE-2026-45433 Hardcoded Cryptographic Key Vulnerability in GX Earth ONT Models

This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...

8.7CVSS5.8AI score0.00344EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/28 6:34 p.m.10 views

CVE-2026-45041 RustFS: Hard-coded RSA private key in license verifier permits arbitrary license forgery

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, crates/appauth/src/token.rs ships a 2048-bit RSA private key as a string constant named TESTPRIVATEKEY and uses it in production via parselicense to "verify" license tokens. Because the key is embedded in every...

8.7CVSS5.9AI score0.00239EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/28 6:34 p.m.11 views

EUVD-2026-32996

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, crates/appauth/src/token.rs ships a 2048-bit RSA private key as a string constant named TESTPRIVATEKEY and uses it in production via parselicense to "verify" license tokens. Because the key is embedded in every...

8.7CVSS5.9AI score0.00239EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/28 6:34 p.m.32 views

CVE-2026-45041 RustFS: Hard-coded RSA private key in license verifier permits arbitrary license forgery

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, crates/appauth/src/token.rs ships a 2048-bit RSA private key as a string constant named TESTPRIVATEKEY and uses it in production via parselicense to "verify" license tokens. Because the key is embedded in every...

8.7CVSS0.00239EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 6:34 p.m.14 views

CVE-2026-45041

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, crates/appauth/src/token.rs ships a 2048-bit RSA private key as a string constant named TESTPRIVATEKEY and uses it in production via parselicense to "verify" license tokens. Because the key is embedded in every...

8.7CVSS5.9AI score0.00239EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/26 1:0 a.m.9 views

MAL-2026-4713 Malicious code in wdb-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ddd306d024c4dd394d19c1adb610389f239fa619d25fff4f75b857a678da0ee package.json declares "preinstall": "./vendor/setup", which on every npm install invokes a 976568-byte Linux x86 ELF binary shipped inside the packag...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 11:24 a.m.10 views

Malicious code in tango-app-api-trax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7d8f3ef8e6fa016bfc17617ebcedce012c6cce870d89564965a476c3ec8da1c The tarball contains live, importable credentials for systems other than the installer's own. src/controllers/internalTrax.controller.js hardcodes...

5.4AI score
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.8 views

PT-2026-30420

A vulnerability was determined in Tenda AC10 16.03.10.10 multi TDE01. Affected by this issue is some unknown functionality of the file /webroot ro/pem/privkeySrv.pem of the component RSA 2048-bit Private Key Handler. Executing a manipulation can lead to use of hard-coded cryptographic key . The...

6.9CVSS5.6AI score0.00395EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/07 9:11 a.m.11 views

CVE-2025-1099

This vulnerability exists in Tapo C500 Wi-Fi camera due to hard-coded RSA private key embedded within the device firmware. An attacker with physical access could exploit this vulnerability to obtain cryptographic private keys which can then be used to perform impersonation, data decryption and ma...

7CVSS6.4AI score0.00247EPSS
Exploits0References1
OSV
OSV
added 2025/11/21 3:59 p.m.6 views

JLSEC-2025-219 An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses typically, an untrusted operating system attacking a secure enclave can recover an RSA private key after observing the victim performing a single...

5.3CVSS6.4AI score0.00787EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-0779

Malware in sbrugna...

5.3CVSS6.4AI score0.00906EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-3100

Malware in sbrugna...

1.2CVSS7.3AI score0.00409EPSS
Exploits1References52
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2005-1796

Malware in sbrugna...

6.4CVSS9.2AI score0.16191EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-4123

Malware in sbrugna...

2.1CVSS6.4AI score0.00312EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-23949

Malware in sbrugna...

5.3CVSS5.5AI score0.01582EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.13 views

EUVD-2020-3346

Malware in sbrugna...

5.9CVSS5.9AI score0.0163EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-5553

Malware in sbrugna...

5.5CVSS5.5AI score0.0043EPSS
Exploits3References5
Rows per page
Query Builder