CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

701 matches found

Cvelist•added 2024/06/06 9:14 p.m.•27 views

CVE-2024-36823

The encrypt function of Ninja Core v7.0.0 was discovered to use a weak cryptographic algorithm, leading to a possible leakage of sensitive information...

0.0078EPSS

Exploits0References1

UbuntuCve•added 2024/06/06 12:0 a.m.•15 views

CVE-2024-36823

Last updated 24 July 2024...

7.5CVSS7.5AI score0.0078EPSS

Exploits0References4

NVD•added 2024/06/03 2:15 a.m.•9 views

CVE-2024-20070

In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. User interaction i...

5.1CVSS6.2AI score0.00101EPSS

Exploits0References1

Vulnrichment•added 2024/06/03 2:4 a.m.•18 views

CVE-2024-20070

6.6AI score0.00101EPSS

Exploits0References1

Cvelist•added 2024/06/03 2:4 a.m.•20 views

CVE-2024-20070

6.2AI score0.00101EPSS

Exploits0References1

Veracode•added 2024/05/22 7:39 a.m.•7 views

Use Of A Broken Or Risky Cryptographic Algorithm

asymmetricrypt/asymmetricrypt is vulnerable to Use Of A Broken Or Risky Cryptographic Algorithm. The vulnerability is due to insecure padding within PKCS v1.5, which allows an attacker to brute force the encrypted content...

7AI score

Exploits0

OSV•added 2024/05/14 4:16 p.m.•1 views

CVE-2024-25968

Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure...

7.5CVSS5.8AI score0.0044EPSS

Exploits0References1

NVD•added 2024/05/14 4:16 p.m.•15 views

CVE-2024-25968

7.5CVSS5.5AI score0.0044EPSS

Exploits0References1

OSV•added 2024/05/10 11:7 a.m.•2 views

OESA-2024-1558 mysql security update

The MySQLTM software delivers a very fast, multi-threaded, multi-user, and robust SQL Structured Query Language database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of Oracle and/or...

6.5CVSS6.6AI score0.02323EPSS

Exploits0References40

IBM Security Bulletins•added 2024/05/03 1:22 p.m.•37 views

Security Bulletin: There are multiple vulnerabilities in IBM DB2 bundled with IBM Application Performance Management products.

Summary IBM Application Performance Management is vulnerable to denial of service, remote code execution, information disclosures and other vulnerabilities due to bundled product IBM ® Db2. This bulletin identifies the steps to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-471...

8.4CVSS9.3AI score0.014EPSS

Exploits0Affected Software1

BDU FSTEC•added 2024/04/18 12:0 a.m.•4 views

The vulnerability of the /squashfs-root/etc-ro/custom.conf file of the Telnet service of the TOTOLINK N200RE microprogramming device allows a intruder to gain unauthorized access to protected information.

The vulnerability of the /squashfs-root/etc-ro/custom.conf file of the Telnet service for the TOTOLINK N200RE microprogramming device router software is related to the use of a vulnerable cryptographic algorithm in the configuration files. Exploiting this vulnerability could allow an attacker to...

5.5CVSS5.5AI score0.00276EPSS

Exploits1References1Affected Software1

Redos•added 2024/04/12 12:0 a.m.•46 views

ROS-20240412-06

A vulnerability in the OpenSSL library's implementation of the SM2 cryptographic algorithm is related to buffer copying without checking the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by transmitting specially crafte...

9.8CVSS8.6AI score0.87816EPSS

Exploits2

IBM Security Bulletins•added 2024/04/02 8:54 p.m.•44 views

Security Bulletin: IBM Tivoli Business Service Manager is vulnerable to an insecure cryptographic algorithm and to information disclosure due to DB2 (CVE-2023-47152)

Summary DB2 JDBC driver is shipped as part of the XMLToolkit component for IBM Tivoli Business Service Manager. Information about security vulnerability affecting DB2 JDBC driver has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

7.5CVSS6.6AI score0.00577EPSS

Exploits0Affected Software1

OSV•added 2024/03/28 7:15 p.m.•6 views

CVE-2024-25963

Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure...

7.5CVSS5.8AI score0.0032EPSS

Exploits0References1

Cvelist•added 2024/03/28 6:32 p.m.•14 views

CVE-2024-25963

5.9CVSS5.8AI score0.0032EPSS

Exploits0References1

Tenable Nessus•added 2024/03/18 12:0 a.m.•34 views

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26145)

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and...

6.5CVSS6.9AI score0.03515EPSS

Exploits0References10

Tenable Nessus•added 2024/03/18 12:0 a.m.•39 views

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-24587)

2.6CVSS6.9AI score0.02592EPSS

Exploits2References10

Tenable Nessus•added 2024/03/18 12:0 a.m.•26 views

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26139)

5.3CVSS6.9AI score0.06487EPSS

Exploits0References10

Tenable Nessus•added 2024/03/18 12:0 a.m.•25 views

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26140)