Lucene search
+L

10 matches found

redhatcve
redhatcve
added 2026/07/07 3:47 p.m.6 views

CVE-2026-14969

A flaw was found in 389-ds-base where the LDBM backend attribute encryption uses a hardcoded static initialization vector for AES-CBC and 3DES-CBC operations, allowing an attacker with privileged filesystem access to detect plaintext equality across encrypted entries by comparing ciphertext block...

4.4CVSS5.9AI score0.00077EPSS
Exploits0References3
cve
cve
added 2026/06/26 10:41 a.m.20 views

CVE-2026-13325

The CVE-2026-13325 issue affects KubeVirt’s migration proxy. When spec.configuration.migrations.disableTLS is set to true, the target virt-handler binds a plain TCP listener on all interfaces (0.0.0.0/::) on a random port with no authentication, peer allow-list, or handshake token. This listener ...

8.5CVSS5.8AI score0.00175EPSS
Exploits0References2Affected Software2
attackerkb
attackerkb
added 2026/04/17 7:52 p.m.2 views

CVE-2026-32650

Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and enabling unauthorized database access...

7.5CVSS5.7AI score0.0021EPSS
Exploits0References4
cve
cve
added 2026/04/17 7:52 p.m.14 views

CVE-2026-32650

The CVE-2026-32650 entry applies to Anviz CrossChex Standard. The description states that an attacker can manipulate the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and enabling unauthorized database access. This highlights a credential exposure risk ...

7.5CVSS5.7AI score0.0021EPSS
Exploits0References3Affected Software1
nessus
nessus
added 2025/08/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2018-16758

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man- in-the-middle attack to disable the encryption of VPN...

5.9CVSS6.4AI score0.00947EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/05/15 12:0 a.m.11 views

PT-2024-40434 · Laravel · Laravel

Name of the Vulnerable Software and Affected Versions: Laravel affected versions not specified Description: The issue concerns applications that use the "cookie" session driver and expose an encryption oracle, allowing for remote code execution. An encryption oracle is a mechanism where arbitrary...

9.9CVSS7.9AI score
Exploits0References4
cnnvd
cnnvd
added 2021/03/04 12:0 a.m.6 views

Xerox AltaLink 安全漏洞

Xerox AltaLink is a hardware device from the American Xerox Xerox company. It provides a printing and copying function. A security vulnerability exists in Xerox AltaLink that allows a user with administrative privileges to disable data encryption on the device. The following products and versions...

4.9CVSS7.3AI score0.00626EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2020/11/10 12:0 a.m.17 views

PT-2020-6348

Name of the Vulnerable Software and Affected Versions Modicon M221 all versions Modicon M100 affected versions not specified Modicon M200 affected versions not specified Description A CWE-326: Inadequate Encryption Strength issue exists that could allow an attacker to break the encryption key whe...

7.8CVSS7.1AI score0.0029EPSS
Exploits0References11
osv
osv
added 2018/10/10 9:29 p.m.3 views

UBUNTU-CVE-2018-16758

Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man-in-the-middle attack to disable the encryption of VPN packets...

5.9CVSS6.2AI score0.00947EPSS
Exploits0References3
redhat
redhat
added 2016/04/12 7:15 p.m.6 views

samba: Man-in-the-middle attacks possible with NTLMSSP authentication

Several flaws were found in Samba's implementation of NTLMSSP authentication. An unauthenticated, man-in-the-middle attacker could use this flaw to clear the encryption and integrity flags of a connection, causing data to be transmitted in plain text. The attacker could also force the client or...

5.9CVSS6.6AI score0.08305EPSS
Exploits0References5
Rows per page
Query Builder