CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5929 matches found

ThreatPost•added 2018/08/13 8:10 p.m.•8 views

New Variant of KeyPass Ransomware Discovered

A new variant of the KeyPass ransomware has been gaining traction in August and is using new techniques like manual control to customize its encryption process, researchers said Monday. Researchers at Kaspersky Lab who posted about the trojan said that it is being propagated by means of fake...

0.2AI score

Exploits0References3

Cisco•added 2018/08/13 4:0 p.m.•93 views

Cisco IOS and IOS XE Software Internet Key Exchange Version 1 RSA-Encrypted Nonces Vulnerability

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 IKEv1 session. The vulnerability exists because the affected software...

5.9CVSS1.7AI score0.01722EPSS

Exploits0References1

Prion•added 2018/08/10 7:29 p.m.•13 views

Code injection

Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all versions prior to 1.502.0047.00, The passwords for special sudo accounts may be calculated using information accessible to those with regular user privileges. Attackers could decipher these passwords, which may allow them to execut...

4CVSS8.6AI score0.03632EPSS

Exploits0References2Affected Software2

RedhatCVE•added 2018/08/09 7:49 p.m.•34 views

CVE-2018-14526

An issue was discovered in rsnsupp/wpa.c in wpasupplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive...

8.3CVSS2.5AI score0.01404EPSS

Exploits0References2

OpenVAS•added 2018/08/09 12:0 a.m.•22 views

Debian: Security Advisory (DLA-1462-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.01404EPSS

Exploits0References3

Prion•added 2018/08/08 7:29 p.m.•29 views

Design/Logic Flaw

3.3CVSS6.1AI score0.01404EPSS

Exploits0References10Affected Software3

NVD•added 2018/08/08 7:29 p.m.•17 views

CVE-2018-14526

6.5CVSS5.9AI score0.01404EPSS

Exploits0References10

OSV•added 2018/08/08 7:29 p.m.•27 views

CVE-2018-14526

6.5CVSS6.3AI score

Exploits0References10

OSV•added 2018/08/08 7:29 p.m.•2 views

ALPINE-CVE-2018-14526

6.5CVSS6.9AI score0.01404EPSS

Exploits0References1

OSV•added 2018/08/08 7:29 p.m.•2 views

DEBIAN-CVE-2018-14526

6.5CVSS6.6AI score0.01404EPSS

Exploits0References1

CVE•added 2018/08/08 7:0 p.m.•411 views

CVE-2018-14526

CVE-2018-14526 affects wpa_supplicant (rsn_supp/wpa.c) up to 2.6, where under certain conditions the integrity of EAPOL-Key messages is not checked, enabling a decryption oracle. An attacker in range of the AP and client could recover sensitive information. Public advisories across distributions ...

6.5CVSS5.7AI score0.01404EPSS

Exploits0References10Affected Software1

Cvelist•added 2018/08/08 7:0 p.m.•20 views

CVE-2018-14526

5.8AI score0.01404EPSS

Exploits0References10

Debian CVE•added 2018/08/08 7:0 p.m.•23 views

CVE-2018-14526

6.5CVSS2.5AI score0.01404EPSS

Exploits0

AlpineLinux•added 2018/08/08 7:0 p.m.•40 views

CVE-2018-14526

6.5CVSS6AI score0.01404EPSS

Exploits0

UbuntuCve•added 2018/08/08 12:0 a.m.•28 views

CVE-2018-14526

6.5CVSS6.7AI score0.01404EPSS

Exploits0References6

OSV•added 2018/08/08 12:0 a.m.•2 views

UBUNTU-CVE-2018-14526

6.5CVSS6.6AI score0.01404EPSS

Exploits0References7

Veracode•added 2018/08/07 6:10 a.m.•33 views

Side-Channel Attack

libgcrypt.so is vulnerable to side-channel attacks. The elliptic-point curve multiplication during decryption is not properly performed, which allows attackers within close proximity to extract the secret decryption key within seconds by measuring electromagnetic emanations...

2CVSS4.5AI score0.00432EPSS

Exploits0References12Affected Software1

OSV•added 2018/08/06 2:29 p.m.•1 views

CVE-2017-1366

IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 126859...

7.5CVSS5.8AI score0.00975EPSS

Exploits0References2

Japan Vulnerability Notes•added 2018/08/06 5:10 a.m.•3 views

Multiple directory traversal vulnerabilities in AttacheCase

Overview AttacheCase is an open source file encryption software provided by HiBARA Software. AttacheCase contains a directory traversal vulnerability CWE-22 due to a flaw in processing filenames in ATC files. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported CVE-2018-0660...

5.8CVSS6.7AI score0.01419EPSS

Exploits0References7

Packet Storm•added 2018/08/06 12:0 a.m.•44 views

Sidify Music Converter 1.2.9 DLL Hijacking

===================================================== Exploit Title : Sidify Music Converter 1.2.9 - DLL Hijacking Code Execution Date Discovered : 2018-19-07 Affected Products: Sidify Music Converter v1.2.9 - Software Exploitation Technique: Local Severity Level: Medium Tested OS : Windows 7 &...

0.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by