1075 matches found
CVE-2025-14759
Missing cryptographic key commitment in the Amazon S3 Encryption Client for .NET may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To...
PT-2025-51880
Name of the Vulnerable Software and Affected Versions Amazon S3 Encryption Client for .NET versions prior to 3.2.0 Description A flaw exists in the Amazon S3 Encryption Client for .NET where a missing cryptographic key commitment could allow a user with write access to an S3 bucket to introduce a...
Amazon AWS SDK for PHP 安全漏洞
Amazon AWS SDK for PHP is a software development kit for Amazon Web Services based on the PHP platform from Amazon.com, USA. A security vulnerability exists in Amazon AWS SDK for PHP that stems from a lack of cryptographic key commitment, which could cause a user with write access to the S3 stora...
AWS SDK for C++ 安全漏洞
AWS SDK for C++ is an open source developer toolkit for C++ by Amazon Web Services A security vulnerability exists in AWS SDK for C++ that stems from a lack of cryptographic key commitment, which could lead to a user with write access to an S3 storage bucket introducing a new EDK that decrypts a...
PT-2025-51884
Name of the Vulnerable Software and Affected Versions Amazon S3 Encryption Client for Java versions prior to 4.0.0 Description A missing cryptographic key commitment in the Amazon S3 Encryption Client for Java could allow a user with write access to an S3 bucket to introduce a new Encryption Data...
Use Of Hard-coded Cryptographic Key
AstrBot is vulnerable to the Use of Hard-coded Cryptographic Key. The vulnerability is due to the presence of a hard-coded signing key in the application, which allows an attacker to forge tokens and execute arbitrary commands by installing a malicious plugin...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from blk-mq not releasing a cryptographic key slot before I/O completion, which could lead to post-release reuse...
Exploit for CVE-2025-38001
Lab: CVE-2025-41744 - Use of Default Cryptographic Key in Spre...
Exploit for CVE-2025-41744
Lab: CVE-2025-41744 - Use of Default Cryptographic Key in Spre...
CVE-2025-54471
NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data...
CVE-2025-54471
NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data...
CVE-2025-54471
NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data...
CVE-2025-54471
The CVE-2025-54471 entry concerns NeuVector where a hard-coded cryptographic key was embedded in the source and replaced at compile time, then used to encrypt sensitive configurations stored by NeuVector. Affected data and configurations could be exposed due to the improper key handling. The prov...
CVE-2025-54471 NeuVector is shipping cryptographic material into its binary
NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data...
CVE-2025-54471 NeuVector is shipping cryptographic material into its binary
NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data...
SUSE CVE-2025-54471
NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data...
Use of Hard-coded Cryptographic Key
Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation Upgrade github.com/neuvector/neuvector/controller/resource to...
Use of Hard-coded Cryptographic Key
Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation Upgrade github.com/neuvector/neuvector/controller/rest to...
Use of Hard-coded Cryptographic Key
Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation Upgrade github.com/neuvector/neuvector/controller/kv to versi...
Use of Hard-coded Cryptographic Key
Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation Upgrade github.com/neuvector/neuvector/controller/api to...