Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5933 matches found

Ubuntu
Ubuntuadded 2020/05/28 12:7 p.m.104 views

USN-4376-1: OpenSSL vulnerabilities

Cesar Pereida García, Sohaib ul Hassan, Nicola Tuveri, Iaroslav Gridin, Alejandro Cabrera Aldaya, and Billy Brumley discovered that OpenSSL incorrectly handled ECDSA signatures. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys...

5.3CVSS6.6AI score0.14298EPSS
Exploits0
OSV
OSVadded 2020/05/27 2:15 p.m.3 views

CVE-2020-4349

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178423...

7.5CVSS6.5AI score0.00792EPSS
Exploits0References2
OSV
OSVadded 2020/05/27 2:15 p.m.4 views

CVE-2020-4379

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179158...

7.5CVSS6.5AI score0.00792EPSS
Exploits0References2
Cvelist
Cvelistadded 2020/05/27 1:15 p.m.23 views

CVE-2020-4379

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179158...

5.9CVSS7.3AI score0.00792EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2020/05/27 12:0 a.m.5 views

PT-2020-13658 · Python +5 · Python-Rsa +5

Name of the Vulnerable Software and Affected Versions: Python-RSA versions prior to 4.1 Description: The issue concerns the decryption of ciphertext, where leading '0' bytes are ignored. This could potentially have security implications, such as helping an attacker infer that an application uses...

7.8CVSS5.2AI score0.01631EPSS
Exploits2References55
CNVD
CNVDadded 2020/05/27 12:0 a.m.3 views

IBM Spectrum Scale Encryption Issue Vulnerability

IBM Spectrum Scale is a scalable data and file management solution from IBM USA based on IBM GPFS, an enterprise file management system optimized for petabyte-scale storage management. The product supports helping clients reduce storage costs while improving security and management efficiency in...

7.5CVSS6.7AI score0.00792EPSS
Exploits0References1
CNVD
CNVDadded 2020/05/27 12:0 a.m.2 views

IBM Spectrum Scale Encryption Problem Vulnerability (CNVD-2020-30835)

IBM Spectrum Scale is a scalable data and file management solution from IBM USA based on IBM GPFS, an enterprise file management system optimized for petabyte-scale storage management. The product supports helping clients reduce storage costs while improving security and management efficiency in...

7.5CVSS6.7AI score0.00792EPSS
Exploits0References1
Malwarebytes
Malwarebytesadded 2020/05/22 3:0 p.m.93 views

Going dark: encryption and law enforcement

UPDATE, 05/22/2020: In the advent of the EARN IT Act, the debate on government subversion of encryption has reignited. Given that the material conditions of the technology have not changed, and the arguments given in favor of the bill are not novel, we've decided to republish the following blog...

7AI score
Exploits0
CNVD
CNVDadded 2020/05/22 12:0 a.m.3 views

Information Disclosure Vulnerability in Multiple Huawei Products (CNVD-2020-36726)

Huawei Anne-AL00 and others are products of Huawei, a Chinese company.Huawei Anne-AL00 is a smartphone.Honor 10 Lite is a smartphone.Huawei TC5200-16 is a wireless router.Huawei Anne-AL00 is a smartphone.Huawei Anne-AL00 is a smartphone.Huawei Anne-AL00 is a smartphone.Huawei TC5200-16 is a...

6.5CVSS6.3AI score0.00337EPSS
Exploits0References1
NVD
NVDadded 2020/05/21 3:15 p.m.22 views

CVE-2020-9069

There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than...

6.5CVSS6.3AI score0.00337EPSS
Exploits0References1
OSV
OSVadded 2020/05/21 3:15 p.m.1 views

CVE-2020-9069

There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than...

6.5CVSS5.8AI score0.00337EPSS
Exploits0References1
Prion
Prionadded 2020/05/21 3:15 p.m.18 views

Information disclosure

There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than...

3.3CVSS6.2AI score0.00337EPSS
Exploits0References1Affected Software18
CVE
CVEadded 2020/05/21 2:19 p.m.60 views

CVE-2020-9069

CVE-2020-9069 describes an information leakage vulnerability in multiple Huawei products where an unauthenticated, adjacent attacker could decrypt data and leak information randomly. Affected devices include a wide range of Huawei consumer and networking devices (e.g., Anne-AL00, Berkeley-L09, CD...

6.5CVSS6.2AI score0.00337EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2020/05/21 2:19 p.m.27 views

CVE-2020-9069

There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than...

6.3AI score0.00337EPSS
Exploits0References1
ThreatPost
ThreatPostadded 2020/05/20 5:37 p.m.44 views

NetWalker Ransomware Gang Hunts for Top-Notch Affiliates

The NetWalker ransomware – the scourge behind one of the recent Toll Group attacks – has transitioned to a ransomware-as-a-service RaaS model, and its operators are placing a heavy emphasis on targeting and attracting technically advanced affiliates, according to researchers. Traditionally,...

0.2AI score
Exploits0References10
UbuntuCve
UbuntuCveadded 2020/05/11 2:15 p.m.28 views

CVE-2020-10685

A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchiv...

5.5CVSS6.7AI score0.00376EPSS
Exploits0References2
Prion
Prionadded 2020/05/11 2:15 p.m.19 views

Design/Logic Flaw

A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchiv...

1.9CVSS6AI score0.00376EPSS
Exploits0References4Affected Software6
OSV
OSVadded 2020/05/11 2:15 p.m.0 views

UBUNTU-CVE-2020-10685

A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchiv...

5.5CVSS7.1AI score0.00376EPSS
Exploits0References3
CVE
CVEadded 2020/05/11 12:0 a.m.208 views

CVE-2020-10685

CVE-2020-10685 affects Ansible Engine versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, 2.9.x before 2.9.7, and Ansible Tower up to 3.6.3, when using vault-decrypting modules (assemble, script, unarchive, win_copy, aws_s3, copy). A temporary directory is created in /tmp and left unencrypted; on ...

5.5CVSS5.8AI score0.00376EPSS
Exploits0References4Affected Software2
Cvelist
Cvelistadded 2020/05/11 12:0 a.m.25 views

CVE-2020-10685

A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchiv...

5CVSS6.2AI score0.00376EPSS
Exploits0References4
Rows per page
Query Builder