CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

47 matches found

OSSF Malicious Packages•added 2026/05/24 4:4 p.m.•12 views

Malicious code in class-blend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3876854a76bda6892f76b9b44c67e066bfc6315a7e3d27431137727ff0ee728 The package advertises itself as a clsx/twMerge-style class-name merging utility, but the exported applyGlobalStylespalette, accents function contain...

5.9AI score

Exploits0References4

CNNVD•added 2026/03/19 12:0 a.m.•4 views

Sercomm SCE4255W 安全漏洞

Sercomm SCE4255W is a broadband gateway device produced by Sercomm in Taiwan, China. Previous versions of Sercomm SCE4255W DG3934v3@2308041842 contained security vulnerabilities. These vulnerabilities stemmed from the use of hard-coded AES-256-CBC keys in the configuration backup/restore mechanis...

9.8CVSS5.8AI score0.00152EPSS

Exploits0References3

CVE•added 2026/03/19 12:0 a.m.•4 views

CVE-2025-67112

The CVE-2025-67112 entry concerns the Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware prior to DG3934v3@2308041842, where a hard-coded AES-256-CBC key in the configuration backup/restore flow allows remote authenticated users to decrypt, modify, and re-encrypt device configurations. Th...

9.8CVSS5.8AI score0.00152EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-3110

Malicious code in bioql PyPI...

5.9CVSS5.8AI score0.00381EPSS

Exploits1References23

CVE•added 2025/09/29 8:34 p.m.•28 views

CVE-2025-34234

Summary: CVE-2025-34234 affects Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to 25.1.102 and Application prior to 25.1.1413. Two hardcoded private keys are shipped inside application containers (printerlogic/pi, printerlogic/printer-admin-api, printercloud/pi) and stored in p...

9.2CVSS6.3AI score0.00076EPSS

Exploits1References4Affected Software2

RedhatCVE•added 2025/05/23 5:38 a.m.•5 views

CVE-2023-26154

Versions of the package pubnub before 7.4.0; all versions of the package com.pubnub:pubnub; versions of the package pubnub before 6.19.0; all versions of the package github.com/pubnub/go; versions of the package github.com/pubnub/go/v7 before 7.2.0; versions of the package pubnub before 7.3.0;...

5.9CVSS6.7AI score0.00381EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 3:11 p.m.•3 views

CVE-2020-11876

airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context. NOTE: the vendor states that this initialization only occurs within unreachable code...

7.5CVSS6.9AI score0.00166EPSS

Exploits1References1

CNNVD•added 2025/01/20 12:0 a.m.•2 views

easy-rsa 加密问题漏洞

easy-rsa is a simple shell-based CA utility from the OpenVPN open source. A security vulnerability exists in easy-rsa versions 3.0.5 through 3.1.7, which stems from the fact that when creating a password-protected CA private key using the easyrsa build-ca command, Easy-RSA incorrectly uses the...

5.3CVSS5.4AI score0.00017EPSS

Exploits0References2

OSV•added 2024/01/02 6:32 p.m.•27 views

GO-2023-2385 Insufficient entropy in AES-256-CBC in github.com/pubnub/go

There is insufficient entropy in the implementation of the AES-256-CBC cryptographic algorithm. The provided encrypt functions are less secure when hex encoding and trimming are applied, leaving half of the bits in the key always the same for every encoded message or file. Users are encouraged to...

5.9CVSS5.6AI score0.00381EPSS

Exploits1References2

Github Security Blog•added 2023/12/06 6:30 a.m.•27 views

pubnub Insufficient Entropy vulnerability

5.9CVSS7AI score0.00381EPSS

Exploits1References21Affected Software9

OSV•added 2023/12/06 6:30 a.m.•26 views

GHSA-5844-Q3FC-56RH pubnub Insufficient Entropy vulnerability

5.9CVSS5.5AI score0.00381EPSS

Exploits1References22

OSV•added 2023/12/06 5:15 a.m.•23 views

CVE-2023-26154

5.9CVSS5.7AI score

Exploits0References17

NVD•added 2023/12/06 5:15 a.m.•17 views

CVE-2023-26154

5.9CVSS0.00381EPSS

Exploits1References17

Prion•added 2023/12/06 5:15 a.m.•19 views

Design/Logic Flaw

2.6CVSS7AI score0.00381EPSS

Exploits1References17Affected Software4

CVE•added 2023/12/06 5:0 a.m.•68 views

CVE-2023-26154

CVE-2023-26154 corresponds to an Insufficient Entropy vulnerability in PubNub crypto, caused by the AES-256-CBC implementation’s insecure entropy/ key handling. Affected packages include PubNub core libraries across multiple languages (pubnub, com.pubnub:pubnub, github.com/pubnub/go and variants)...

5.9CVSS5.6AI score0.00381EPSS

Exploits1References17Affected Software4

Cvelist•added 2023/12/06 5:0 a.m.•14 views

CVE-2023-26154

5.9CVSS5.9AI score0.00381EPSS

Exploits1References17

RubySec•added 2023/12/06 12:0 a.m.•20 views

pubnub Insufficient Entropy vulnerability

5.9CVSS7AI score0.00381EPSS

Exploits1References1Affected Software1

GitLab Advisory Database•added 2023/12/06 12:0 a.m.•13 views

pubnub Insufficient Entropy vulnerability

5.9CVSS6.6AI score0.00381EPSS

Exploits1References22Affected Software1

GitLab Advisory Database•added 2023/12/06 12:0 a.m.•5 views

pubnub Insufficient Entropy vulnerability

5.9CVSS6.3AI score0.00381EPSS

Exploits1References22Affected Software1

Snyk•added 2023/08/13 9:0 p.m.•3 views

Insufficient Entropy

Overview Affected versions of this package are vulnerable to Insufficient Entropy via the getKey function, due to inefficient implementation of the AES-256-CBC cryptographic algorithm. The provided encrypt function is less secure when hex encoding and trimming are applied, leaving half of the bit...

5.9CVSS6.9AI score0.00381EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by