Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-0971

Malicious code in bioql PyPI...

5.6CVSS7.4AI score0.00203EPSS
Exploits1References11
OSV
OSVadded 2024/12/12 10:0 p.m.16 views

GO-2022-0635 In-band key negotiation issue in AWS S3 Crypto SDK for golang in github.com/aws/aws-sdk-go

A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this i...

2.5CVSS3.9AI score0.00141EPSS
Exploits1References7
NVD
NVDadded 2024/11/18 6:15 a.m.19 views

CVE-2024-11308

The DVC from TRCore encrypts files using a hardcoded key. Attackers can use this key to decrypt the files and restore the original content...

6.2CVSS0.00059EPSS
Exploits0References2
OSV
OSVadded 2023/04/04 1:15 p.m.0 views

UBUNTU-CVE-2023-29000

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.7.0, by trusting that the server will return a certificate that belongs to the keypair of the user, a malicious server could get the desktop client to encrypt file...

6.5CVSS6.6AI score0.00082EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2020/08/11 12:0 a.m.4 views

PT-2020-20365 · Amazon Web Services · Aws S3 Crypto Sdk For Golang

Name of the Vulnerable Software and Affected Versions: AWS S3 Crypto SDK for GoLang versions prior to V2 Description: A vulnerability exists in the in-band key negotiation of the AWS S3 Crypto SDK for GoLang. An attacker with write access to the targeted bucket can change the encryption algorithm...

9.8CVSS6.3AI score0.93667EPSS
Exploits15References37
Positive Technologies
Positive Technologiesadded 2018/07/26 12:0 a.m.1 views

PT-2018-12614 · Thomson Reuters · Thomson Reuters Ultratax Cs

Name of the Vulnerable Software and Affected Versions: Thomson Reuters UltraTax CS version 2017 Description: The software has a password protection option, but the level of protection may not meet some customers' expectations because the data is stored in cleartext. Customer data is stored in...

7.5CVSS7.6AI score0.00377EPSS
Exploits2References3
Prion
Prionadded 2014/03/14 10:55 a.m.15 views

Code injection

The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack...

5CVSS6.4AI score0.00141EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2014/03/14 10:0 a.m.14 views

CVE-2014-2319

The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack...

5.8AI score0.00141EPSS
Exploits1References2
Rows per page
Query Builder