Lucene search
K

2784 matches found

Nuclei
Nuclei
added 14 hours ago99 views

Milesight Routers - Information Disclosure

A critical security vulnerability has been identified in Milesight Industrial Cellular Routers, compromising the security of sensitive credentials and permitting unauthorized access. This vulnerability stems from a misconfiguration that results in directory listing being enabled on the router...

7.5CVSS7.2AI score0.59342EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2 days ago5 views

PHP 8.4.x < 8.4.23

The version of PHP installed on the remote host is prior to 8.4.23. It is, therefore, affected by a vulnerability as referenced in the Version 8.4.23 advisory. - In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementatio...

5.6CVSS6.2AI score0.00306EPSS
Exploits0References3
NVD
NVD
added 3 days ago8 views

CVE-2026-14969

A flaw was found in 389-ds-base where the LDBM backend attribute encryption uses a hardcoded static initialization vector for AES-CBC and 3DES-CBC operations, allowing an attacker with privileged filesystem access to detect plaintext equality across encrypted entries by comparing ciphertext block...

4.4CVSS0.00079EPSS
Exploits0References2
NVD
NVD
added 3 days ago8 views

CVE-2024-56141

Minosoft is an open-source, multi-version Minecraft Java Edition client written in Kotlin. Starting in commit f1ae30e2b046a490026a8413b075685deb795122, the CryptManager encryption routine CryptManager.kt initializes its AES cipher using an initialization vector IV that is set equal to the secret...

5CVSS0.00111EPSS
Exploits0References2
Cvelist
Cvelist
added 4 days ago31 views

CVE-2024-56141 Minosoft has IV equal to key

Minosoft is an open-source, multi-version Minecraft Java Edition client written in Kotlin. Starting in commit f1ae30e2b046a490026a8413b075685deb795122, the CryptManager encryption routine CryptManager.kt initializes its AES cipher using an initialization vector IV that is set equal to the secret...

5CVSS0.00111EPSS
Exploits0References2
NVD
NVD
added 4 days ago6 views

CVE-2026-21383

Cryptographic Issue when using a static initialization vector for AES-GCM key wrapping, which requires a unique value for each call to ensure security...

7.1CVSS0.00069EPSS
Exploits0References1
OSV
OSV
added 4 days ago2 views

DEBIAN-CVE-2026-53763

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.0.0 and prior to version 4.11.0, 32-bit integer overflows in OP-TEE core's AES-GCM implementation cause the...

3.8CVSS6AI score0.00149EPSS
Exploits0References1
CVE
CVE
added 4 days ago10 views

CVE-2026-21383

CVE-2026-21383 describes a cryptographic issue in which AES-GCM key wrapping uses a static initialization vector (IV). The static IV conflicts with the requirement for a unique IV per operation, which can undermine confidentiality and integrity. The CVSS 3.1 metrics provided indicate a high impac...

7.1CVSS6AI score0.00069EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 4 days ago4 views

CVE-2026-53763

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.0.0 and prior to version 4.11.0, 32-bit integer overflows in OP-TEE core's AES-GCM implementation cause the...

3.8CVSS6AI score0.00149EPSS
Exploits0
OSV
OSV
added 4 days ago5 views

OESA-2026-2860 gnupg2 security update

GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 also known as PGP. GnuPG enables encryption and signing of data and communication, and features a versatile key management system as well as access modules for public key directories. Security Fixes: CMS...

2.9CVSS5.9AI score0.0011EPSS
Exploits0References2
OSV
OSV
added 4 days ago4 views

OESA-2026-2859 gnupg2 security update

GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 also known as PGP. GnuPG enables encryption and signing of data and communication, and features a versatile key management system as well as access modules for public key directories. Security Fixes: CMS...

2.9CVSS5.9AI score0.0011EPSS
Exploits0References2
OSV
OSV
added 4 days ago3 views

OESA-2026-2858 gnupg2 security update

GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 also known as PGP. GnuPG enables encryption and signing of data and communication, and features a versatile key management system as well as access modules for public key directories. Security Fixes: CMS...

2.9CVSS5.9AI score0.0011EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 4 days ago7 views

Debian dla-4669 : libapache2-mod-php8.2 - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dla-4669 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-4669-1 [email protected] https://www.debian.org/lts/security/...

5.6CVSS6.2AI score0.00306EPSS
Exploits0References4
Slackware Linux
Slackware Linux
added 5 days ago8 views

[slackware-security] Slackware 15.0 php82

New php82 packages are available for Slackware 15.0 to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: extra/php82/php82-8.2.32-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: OpenSSL: Fixed memory corruption zendmmheap corrupted in opensslencrypt...

5.6CVSS6AI score0.00306EPSS
Exploits0
Debian
Debian
added 6 days ago6 views

[SECURITY] [DLA 4669-1] php8.2 security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-4669-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta July 04, 2026 https://wiki.debian.org/LTS - -----------------------------------------------------------------------...

5.6CVSS6.1AI score0.00306EPSS
Exploits0
Debian
Debian
added 6 days ago4 views

[SECURITY] [DSA 6377-1] php8.4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6377-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 04, 2026 https://www.debian.org/security/faq -...

5.6CVSS6.1AI score0.00306EPSS
Exploits0
NVD
NVD
added last week6 views

CVE-2026-14355

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS0.00306EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added last week6 views

CVE-2026-14355

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS6.1AI score0.00306EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added last week22 views

CVE-2026-14355

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS6.1AI score0.00306EPSS
Exploits0
OSV
OSV
added 2026/07/03 12:0 a.m.4 views

UBUNTU-CVE-2026-14355

PHP: ext/openssl: Memory corruption zendmmheap corrupted in opensslencrypt with AES-WRAP-PAD...

5.6CVSS6AI score0.00306EPSS
Exploits0References5
Rows per page
Query Builder