Lucene search
+L

98 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-19095

Malware in sbrugna...

7.5CVSS7.6AI score0.01461EPSS
Exploits1References2
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-2274

Malicious code in bioql PyPI...

5.5CVSS5AI score0.00258EPSS
Exploits0References7
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-46428

Malicious code in bioql PyPI...

7.3CVSS6.6AI score0.00307EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/10/01 12:0 a.m.8 views

PT-2025-40180

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue was identified in the Linux kernel related to error handling within the ext4 dirhash function. Specifically, the function may fail when handling encrypted, casefolded file names...

6.1AI score0.00154EPSS
Exploits0References7
nessus
nessus
added 2025/08/10 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2017-7374

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service NULL pointer dereference or possibl...

7.8CVSS6.3AI score0.00799EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/23 9:30 a.m.25 views

CVE-2024-36495

The application Faronics WINSelect Standard + Enterprise saves its configuration in an encrypted file on the file system which "Everyone" has read and write access to, path to file: C:\ProgramData\WINSelect\WINSelect.wsd The path for the affected WINSelect Enterprise configuration file is:...

7.7CVSS6.9AI score0.0031EPSS
Exploits1
susecve
susecve
added 2025/05/20 1:7 a.m.4 views

SUSE CVE-2025-48188

libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fillbuffer in data/encrypted-file.c to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read...

5.5CVSS7.2AI score0.00141EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2024/10/29 12:44 p.m.13 views

CVE-2024-41156

Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide potential attackers valuable configuration information about the Tropos network. Profiles can only be exported by authenticated users with higher privilege of write access...

2.7CVSS3.9AI score0.00364EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/10/17 12:0 a.m.5 views

Nokia Service Router Operating System 安全漏洞

Nokia Service Router Operating System Nokia SR OS is an operating system used by Nokia of Finland for its service router series. A security vulnerability exists in Nokia Service Router Operating System SR OS prior to version 24, which arises from a brute-force attack vulnerability in the bof.cfg...

3.3CVSS6.6AI score0.00071EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/06/24 8:50 a.m.12 views

CVE-2024-36495 Read/Write Permissions for Everyone on Configuration File

The application Faronics WINSelect Standard + Enterprise saves its configuration in an encrypted file on the file system which "Everyone" has read and write access to, path to file: C:\ProgramData\WINSelect\WINSelect.wsd The path for the affected WINSelect Enterprise configuration file is:...

7.1AI score0.0031EPSS
Exploits1References3
cve
cve
added 2024/06/24 8:50 a.m.57 views

CVE-2024-36495

CVE-2024-36495 affects Faronics WINSelect (Standard + Enterprise). The configuration files are stored on disk with overly permissive permissions: C:\ProgramData\WINSelect\WINSelect.wsd and, for Enterprise, C:\ProgramData\Faronics\StorageSpace\WS\WINSelect.wsd. The issue arises from an encrypted c...

7.7CVSS7.5AI score0.0031EPSS
Exploits1References3
nvd
nvd
added 2024/03/26 3:15 p.m.21 views

CVE-2023-41969

An arbitrary file deletion in ZSATrayManager where it protects the temporary encrypted ZApp issue reporting file from the unprivileged end user access and modification. Fixed version: Win ZApp 4.3.0 and later...

7.3CVSS7.2AI score0.00307EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/02/27 12:0 a.m.4 views

diffoscope security vulnerability

diffoscope is diffoscope open source a tool for checking the similarities and differences of files or directories. A security vulnerability exists in versions prior to diffoscope 256 that stems from allowing directory traversal via file names embedded in GPG files...

7.5CVSS6.8AI score0.00979EPSS
Exploits0References4
susecve
susecve
added 2023/09/01 2:8 a.m.2 views

SUSE CVE-2023-38037

ActiveSupport::EncryptedFile writes contents that will be encrypted to a temporary file. The temporary file's permissions are defaulted to the user's current umask settings, meaning that it's possible for other users on the same system to read the contents of the temporary file. Attackers that ha...

5.5CVSS5.4AI score0.00258EPSS
Exploits0References6
nvd
nvd
added 2023/04/27 9:15 a.m.34 views

CVE-2023-28770

The sensitive information exposure vulnerability in the CGI “ExportLog” and the binary “zcmd” in Zyxel DX5401-B0 firmware versions prior to V5.17ABYO.1C0 could allow a remote unauthenticated attacker to read the system files and to retrieve the password of the supervisor from the encrypted file...

7.5CVSS7.4AI score0.57778EPSS
Exploits2References3
cvelist
cvelist
added 2023/04/27 12:0 a.m.45 views

CVE-2023-28770

The sensitive information exposure vulnerability in the CGI “ExportLog” and the binary “zcmd” in Zyxel DX5401-B0 firmware versions prior to V5.17ABYO.1C0 could allow a remote unauthenticated attacker to read the system files and to retrieve the password of the supervisor from the encrypted file...

7.5CVSS7.7AI score0.57778EPSS
Exploits2References2
susecve
susecve
added 2023/02/15 4:28 a.m.3 views

SUSE CVE-2018-10859

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...

7.5CVSS9.3AI score0.01362EPSS
Exploits0References6
filippoio
filippoio
added 2022/09/29 6:45 p.m.51 views

age and Authenticated Encryption

age is a file encryption format, tool, and library. It was made to replace one of the last remaining GnuPG use cases, but it was not made to replace GnuPG because in the last 20 years we learned that cryptographic tools work best when they are specialized and opinionated instead of flexible Swiss...

7AI score
Exploits0
mskb
mskb
added 2022/07/12 7:0 a.m.72 views

July 12, 2022—KB5015808 (OS Build 14393.5246) - EXPIRED

None None...

8.8CVSS6.8AI score0.32146EPSS
Exploits4
ptsecurity
ptsecurity
added 2022/04/01 12:0 a.m.12 views

PT-2022-9996 · Qualcomm · Qualcomm Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to improper validation of buffer size input to the EFS file, which can lead to memory corruption in various Qualcomm Snapdragon products, including Snapdrag...

7.8CVSS7.8AI score0.0014EPSS
Exploits0References5
Rows per page
Query Builder