CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2026/01/09 9:7 a.m.•5 views

CVE-2020-12142

1. IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative...

4.9CVSS7AI score0.00215EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-4457

Malware in sbrugna...

4.9CVSS5.2AI score0.00215EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-52682

Malicious code in bioql PyPI...

8.8CVSS8.1AI score0.71412EPSS

Exploits18References4

RedhatCVE•added 2025/05/23 8:12 a.m.•1 views

CVE-2024-54848

Improper handling and storage of certificates in CP Plus CP-VNR-3104 B3223P22C02424 allow attackers to decrypt communications or execute a man-in-the-middle attacks...

7.4CVSS7AI score0.00369EPSS

Exploits17References1

RedhatCVE•added 2025/02/04 10:57 p.m.•5 views

CVE-2024-0323

The FTP server used on the B Automation Runtime supports unsecure encryption mechanisms, such as SSLv3, TLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conduct man-in-the-middle attacks or to decrypt communications between the affected product clients...

9.8CVSS6.9AI score0.00119EPSS

Exploits0References1

NVD•added 2025/01/14 2:15 p.m.•12 views

CVE-2024-50564

A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named piped...

3.3CVSS0.00088EPSS

Exploits0References1

Vulnrichment•added 2025/01/10 12:0 a.m.•7 views

CVE-2024-54848

Improper handling and storage of certificates in CP Plus CP-VNR-3104 B3223P22C02424 allow attackers to decrypt communications or execute a man-in-the-middle attacks...

7.4AI score0.00369EPSS

Exploits17References4

CVE•added 2024/02/05 4:5 p.m.•56 views

CVE-2024-0323

The CVE-2024-0323 entry affects the B&R Automation Runtime FTP server, where the FTP service supports insecure encryption mechanisms (SSLv3, TLS 1.0, TLS 1.1). Affected product: B&R Automation Runtime (FTP server). Documented impact: network-based attacker can perform man-in-the-middle attacks or...

9.8CVSS9.3AI score0.00119EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/05/06 7:19 p.m.•11 views

CVE-2018-18979

An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01-15. It has a statically coded initialization vector. Extraction of the initialization vector is necessary for deciphering communications between this application and the backend server. This, in...

7.3AI score0.00341EPSS

Exploits1References1

CVE•added 2006/05/31 10:0 p.m.•41 views

CVE-2006-2710

Summary: CVE-2006-2710 affects Secure Elements Class 5 AVR (C5 EVM) before 2.8.1. Root cause: same invariant RSA key used across all installations, permitting remote attackers with the key to decrypt communications. Impact: confidentiality of communications is compromised; integrity/availability ...

5CVSS6.7AI score0.00831EPSS

Exploits0References6Affected Software1

CERT•added 2006/05/30 12:0 a.m.•19 views

Secure Elements Class 5 AVR uses the same RSA key for all installations

Overview Secure Elements Class 5 AVR uses the same RSA key for all installations. This may allow a remote attacker to decrypt communications between systems. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors and enforces...

7.2AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by