Lucene search
K

217 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/02 9:52 p.m.4 views

CVE-2025-36253

IBM Concert 1.0.0 through 2.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

5.9CVSS5.4AI score0.00203EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.5 views

PT-2026-5700

Name of the Vulnerable Software and Affected Versions IBM Concert versions 1.0.0 through 2.1.0 Description IBM Concert utilizes cryptographic algorithms that are not sufficiently robust, potentially enabling an attacker to decrypt sensitive information. Recommendations Update to a version later...

7.5CVSS5.4AI score0.00203EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/28 12:0 a.m.8 views

Explorance Blue security vulnerabilities

Explorance Blue is a learning experience management software developed by the Canadian company Explorance. Versions of Explorance Blue prior to 8.14.12 contained security vulnerabilities. These vulnerabilities stemmed from the use of reversible symmetric encryption with hardcoded static keys to...

6.8CVSS5.8AI score0.00186EPSS
Exploits0References5
CVE
CVE
added 2026/01/22 10:21 p.m.11 views

CVE-2025-25051

CVE-2025-25051 pertains to AutomationDirect CLICK PLC, where the vulnerability arises from plaintext storage of a password in the project file. An attacker with access to the project file could decrypt credentials, impersonate legitimate users or devices, and potentially access network resources ...

6.1CVSS5.5AI score0.00099EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/10 5:17 a.m.2 views

CVE-2026-22698 RustCrypto SM2-PKE has 32-bit Biased Nonce Vulnerability

RustCrypto: Elliptic Curves is general purpose Elliptic Curve Cryptography ECC support, including types and traits for representing various elliptic curve forms, scalars, points, and public/secret keys composed thereof. In versions 0.14.0-pre.0 and 0.14.0-rc.0, a critical vulnerability exists in...

8.7CVSS6.5AI score0.00245EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.6 views

CVE-2020-7515

A CWE-321: Use of hard-coded cryptographic key stored in cleartext vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker to decrypt a password...

7.8CVSS6.7AI score0.00257EPSS
Exploits0References1
Snyk
Snyk
added 2025/12/17 8:38 p.m.6 views

Use of a Broken or Risky Cryptographic Algorithm

Overview Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm due to missing cryptographic key commitment when storing encrypted data keys in an instruction file. An attacker with write access to the S3 bucket can manipulate encrypted data keys to...

6CVSS6.7AI score0.00185EPSS
Exploits0References2
CVE
CVE
added 2025/12/17 8:18 p.m.11 views

CVE-2025-14763

CVE-2025-14763 concerns the Amazon S3 Encryption Client for Java lacking key commitment when the encrypted data key (EDK) is stored in an Instruction File. This could let a user with write access to an S3 bucket introduce a rogue EDK and decrypt to different plaintext. The vulnerability is tied t...

6CVSS6.4AI score0.00103EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/13 3:58 p.m.5 views

CVE-2025-53960

When issuing JSON Web Tokens JWT, Apache StreamPark directly uses the user's password as the HMAC signing key e.g., with the HS256 algorithm. An attacker can exploit this vulnerability to perform offline brute-force attacks on the user's password using a captured JWT, or to arbitrarily forge...

5.9CVSS6.8AI score0.00216EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/12 3:15 p.m.5 views

CVE-2025-53960 Apache StreamPark: Uses the user’s password as the secret key

When issuing JSON Web Tokens JWT, Apache StreamPark directly uses the user's password as the HMAC signing key e.g., with the HS256 algorithm. An attacker can exploit this vulnerability to perform offline brute-force attacks on the user's password using a captured JWT, or to arbitrarily forge...

6.5AI score0.00216EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 10:44 a.m.13 views

CVE-2025-40818

The CVE identifies a vulnerability in SINEMA Remote Connect Server (all versions

3.3CVSS6.4AI score0.00093EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/11/27 12:39 p.m.4 views

OPENSUSE-SU-2025:20116-1 Security update for rnp

This update for rnp fixes the following issues: - update to 0.18.1: CVE-2025-13470: PKESK public-key encrypted session keys were generated as all-zero, allowing trivial decryption of messages encrypted with public keys only boo1253957, CVE-2025-13402...

8.7CVSS5.8AI score0.00274EPSS
Exploits0References3
CNVD
CNVD
added 2025/11/27 12:0 a.m.4 views

IBM Concert Encryption Issues Vulnerabilities

IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from a cryptographic issue vulnerability that stems from the use of weak encryption algorithms, which can ...

7.5CVSS6.7AI score0.00154EPSS
Exploits0References1
NVD
NVD
added 2025/10/22 11:15 p.m.61 views

CVE-2025-62710

Sakai is a Collaboration and Learning Environment. Prior to versions 23.5 and 25.0, EncryptionUtilityServiceImpl initialized an AES256TextEncryptor password serverSecretKey using RandomStringUtils with the default java.util.Random. java.util.Random is a non‑cryptographic PRNG and can be predicted...

5.9CVSS0.00182EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-25495

Malware in sbrugna...

7.5CVSS6.6AI score0.00665EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-17531

Malware in sbrugna...

5.9CVSS5.9AI score0.01045EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-1999-0475

Malware in sbrugna...

7.2CVSS6.4AI score0.00287EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-0002

Malware in sbrugna...

5.5CVSS7.2AI score0.00376EPSS
Exploits0References18
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2018-7619

Malware in sbrugna...

7.5CVSS7.6AI score0.01326EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-26121

Malware in sbrugna...

7.5CVSS8.9AI score0.0027EPSS
Exploits0References3
Rows per page
Query Builder