Lucene search
K

11383 matches found

OSV
OSV
added 2026/06/15 3:5 p.m.8 views

SUSE-SU-2026:2399-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delt...

8.8CVSS8.3AI score0.02719EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2026/06/15 2:36 p.m.11 views

CVE-2026-9638

Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

7.5CVSS5.2AI score0.00305EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/15 10:5 a.m.9 views

CVE-2026-34029 Hard-coded cryptographic key in Wertheim SafeController Software allows decryption of sensitive configuration data

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key. This...

6.8CVSS5.2AI score0.0012EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/15 10:5 a.m.14 views

EUVD-2026-36712

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key. This...

6.8CVSS5.3AI score0.0012EPSS
Exploits1References2
CVE
CVE
added 2026/06/15 10:5 a.m.26 views

CVE-2026-34029

The CVE-2026-34029 entry affects Wertheim SafeController Software (AssemblyVersion 6.15.8328.28014). A hard-coded cryptographic key exists in SafeSystem.Infrastructure.Security.dll that an attacker with access to application files can reverse‑engineer to recover. This key enables decrypting licen...

6.8CVSS5.3AI score0.0012EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/15 10:5 a.m.41 views

CVE-2026-34029 Hard-coded cryptographic key in Wertheim SafeController Software allows decryption of sensitive configuration data

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key. This...

6.8CVSS0.0012EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/15 10:2 a.m.39 views

CVE-2026-34021 Lack of cryptographic protection in Wertheim SafeController 5400 enables RS-485 message sniffing and replay

The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcontroller without cryptographic protection. An attacker with access to the communication path between the server and the microcontroller can sniff RS-485...

8.6CVSS0.00196EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/15 10:2 a.m.10 views

CVE-2026-34021 Lack of cryptographic protection in Wertheim SafeController 5400 enables RS-485 message sniffing and replay

The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcontroller without cryptographic protection. An attacker with access to the communication path between the server and the microcontroller can sniff RS-485...

8.6CVSS5.4AI score0.00196EPSS
Exploits0References2
CVE
CVE
added 2026/06/15 10:2 a.m.22 views

CVE-2026-34021

The CVE-2026-34021 entry concerns Wertheim SafeController 5400 (Controller 5400) with AssemblyVersion 6.11.8130.22320. The root cause is lack of cryptographic protection in RS-485 communications between the server and the microcontroller. This enables an attacker with access to the RS-485 path to...

8.6CVSS5.5AI score0.00196EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.17 views

PT-2026-49582

Name of the Vulnerable Software and Affected Versions Angular versions prior to 22.0.1 Angular versions prior to 21.2.17 Angular versions prior to 20.3.25 Description Angular's HttpTransferCache caches HTTP requests during Server-Side Rendering SSR to be reused during client-side hydration,...

8.8CVSS5.8AI score0.0009EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.19 views

PT-2026-49546

Name of the Vulnerable Software and Affected Versions Canon EOS Network Setting Tool versions prior to 1.5.1 Description The software contains hard-coded cryptographic keys, which are fixed keys embedded directly into the source code, potentially allowing unauthorized decryption or authentication...

9.8CVSS6.6AI score0.00232EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.20 views

PT-2026-49200

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key. This...

6.8CVSS5.2AI score0.0012EPSS
Exploits1References3
Microsoft CVE
Microsoft CVE
added 2026/06/13 8:3 a.m.8 views

Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()

...

3.7CVSS5.8AI score0.0035EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/13 8:3 a.m.14 views

CMS AuthEnvelopedData Processing May Accept Forged Messages

...

9.1CVSS5.3AI score0.00237EPSS
Exploits0
NVD
NVD
added 2026/06/12 4:16 p.m.19 views

CVE-2026-9641

Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations. The default algorithm is HMAC-SHA1, which should only be used for legacy systems. These versions default to using 1000 iterations. Depending on the chosen algorithm, 220,000 to 1,400,000...

5.3CVSS0.00226EPSS
Exploits0References7
NVD
NVD
added 2026/06/12 4:16 p.m.22 views

CVE-2026-9638

Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

7.5CVSS0.00305EPSS
Exploits0References3
NVD
NVD
added 2026/06/12 4:16 p.m.16 views

CVE-2026-50091

Aqara Home Android com.lumiunited.aqarahome 6.0.0 and white-label clients embedding the same liblumidevsdk.so uses hard-coded cryptographic keys, which is an instance of "CWE-321: Use of Hard-coded Cryptographic Key" and has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 9.1...

9.1CVSS0.00287EPSS
Exploits1References2
OSV
OSV
added 2026/06/12 4:16 p.m.9 views

UBUNTU-CVE-2026-9638

Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

7.5CVSS5.2AI score0.00305EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/12 3:2 p.m.9 views

EUVD-2026-36481

Aqara Home Android com.lumiunited.aqarahome 6.0.0 and white-label clients embedding the same liblumidevsdk.so uses hard-coded cryptographic keys, which is an instance of "CWE-321: Use of Hard-coded Cryptographic Key" and has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 9.1...

9.1CVSS5.2AI score0.00287EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/12 3:2 p.m.11 views

CVE-2026-50091 Aqara Home Android SDK hardcoded keys

Aqara Home Android com.lumiunited.aqarahome 6.0.0 and white-label clients embedding the same liblumidevsdk.so uses hard-coded cryptographic keys, which is an instance of "CWE-321: Use of Hard-coded Cryptographic Key" and has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 9.1...

9.1CVSS5.3AI score0.00287EPSS
Exploits1References2
Rows per page
Query Builder