Lucene search
K

732 matches found

NVD
NVD
added 2026/06/25 8:17 p.m.7 views

CVE-2026-37454

Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the 3DES-ECB encryption...

7.5CVSS0.00262EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/25 12:0 a.m.21 views

CVE-2026-37454

Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the 3DES-ECB encryption...

0.00262EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.11 views

PT-2026-52568

Name of the Vulnerable Software and Affected Versions MSI NBFoundation Service version 2.0.2506.1201 Description Insecure permissions allow a remote attacker to obtain sensitive information by exploiting the 3DES-ECB encryption method. 3DES-ECB Triple Data Encryption Standard in Electronic Codebo...

7.5CVSS5.8AI score0.00262EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.9 views

CVE-2026-50208

High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle MITM actor could decrypt network traffic...

9.4CVSS5.4AI score0.00141EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 9:16 a.m.13 views

CVE-2026-50208

High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle MITM actor could decrypt network traffic...

9.4CVSS0.00141EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 7:9 a.m.11 views

EUVD-2026-34220

High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle MITM actor could decrypt network traffic...

9.4CVSS5.8AI score0.00141EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 7:9 a.m.14 views

CVE-2026-50208

High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle MITM actor could decrypt network traffic...

9.2CVSS5.8AI score0.00141EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 7:9 a.m.44 views

CVE-2026-50208 Permissive TrustAllCerts TLS Verification

High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle MITM actor could decrypt network traffic...

9.2CVSS0.00141EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 7:9 a.m.8 views

CVE-2026-50208 Permissive TrustAllCerts TLS Verification

High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle MITM actor could decrypt network traffic...

9.2CVSS5.8AI score0.00141EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 7:9 a.m.24 views

CVE-2026-50208

CVE-2026-50208 describes a vulnerability where TrustAllCerts routines bypass TLS certificate validation and are combined with hard-coded DES keys, enabling a MitM actor to decrypt network traffic. Documented impact includes high confidentiality and integrity risks with network traffic exposure; n...

9.4CVSS5.8AI score0.00141EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/02 8:16 p.m.12 views

CVE-2026-10608

A security flaw has been discovered in DedeCMS 5.7.88. This affects the function RemoveXSS of the file /plus/carbuyaction.php. The manipulation of the argument postname/des results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used f...

7.5CVSS0.00308EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/02 6:0 p.m.8 views

CVE-2026-10608 DedeCMS carbuyaction.php RemoveXSS sql injection

A security flaw has been discovered in DedeCMS 5.7.88. This affects the function RemoveXSS of the file /plus/carbuyaction.php. The manipulation of the argument postname/des results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used f...

7.5CVSS5.7AI score0.00308EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/02 6:0 p.m.7 views

CVE-2026-10608

A security flaw has been discovered in DedeCMS 5.7.88. This affects the function RemoveXSS of the file /plus/carbuyaction.php. The manipulation of the argument postname/des results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used f...

7.5CVSS6.9AI score0.00308EPSS
Exploits0References5
CVE
CVE
added 2026/06/02 6:0 p.m.16 views

CVE-2026-10608

This CVE affects DedeCMS 5.7.88 and the vulnerable component is the function RemoveXSS in the file /plus/carbuyaction.php . The root cause is described as manipulation of the arguments postname/des leading to an SQL injection vulnerability. The impact is described as enabling remote exploitation ...

7.5CVSS6.9AI score0.00308EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/02 6:0 p.m.14 views

EUVD-2026-33997

A security flaw has been discovered in DedeCMS 5.7.88. This affects the function RemoveXSS of the file /plus/carbuyaction.php. The manipulation of the argument postname/des results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used f...

7.5CVSS6.9AI score0.00308EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:10 a.m.10 views

crypto: atmel-tdes - fix DMA sync direction

...

5.5CVSS5.4AI score0.00123EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/27 12:58 p.m.9 views

CVE-2026-46077

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-tdes - fix DMA sync direction Before DMA output is consumed by the CPU, -dmaaddrout must be synced with dmasyncsingleforcpu instead of dmasyncsinglefordevice. Using the wrong direction can return stale cache data on...

5.5CVSS5.7AI score0.00123EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/27 12:58 p.m.41 views

CVE-2026-46077 crypto: atmel-tdes - fix DMA sync direction

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-tdes - fix DMA sync direction Before DMA output is consumed by the CPU, -dmaaddrout must be synced with dmasyncsingleforcpu instead of dmasyncsinglefordevice. Using the wrong direction can return stale cache data on...

0.00123EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.10 views

CVE-2026-46077

crypto: atmel-tdes - fix DMA sync direction...

5.8AI score0.00123EPSS
Exploits0References2
NVD
NVD
added 2026/05/21 8:16 a.m.16 views

CVE-2026-44061

Netatalk 1.5.0 through 4.4.2 uses DES-ECB for authentication with a timing side channel, which allows a remote attacker to recover authentication credentials via timing analysis...

5.9CVSS0.00389EPSS
Exploits0References1
Rows per page
Query Builder