153 matches found

Packet Storm News
added 6 days ago, 0 views

A Protocol-Language Model for Network Intrusion (Without Deep Packet Inspection)

Modern network intrusion detection systems (NIDS) are caught in a structural contradiction: the protocols carrying the highest threat intelligence are precisely those encrypted under TLS 1.3 and QUIC, where payload inspection yields nothing. We ask a simpler question -- what if the attack signature...

AI score: 5.8
Exploits: 0

Packet Storm News
added 6 days ago, 4 views

GETA: Generalized Encrypted Traffic Analysis

Traditional traffic analysis is being fundamentally challenged by the rapid adoption of encryption, tunnelling, and privacy-preserving protocols, which increasingly obscure packet payloads and limit the usefulness of Deep Packet Inspection (DPI). Although machine learning has advanced encrypted...

AI score: 5.8
Exploits: 0

Cvelist
added 2026/05/13 6:32 p.m., 21 views

CVE-2026-0249 GlobalProtect App: Certificate Validation Bypass Vulnerabilities

Multiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect™ app enable an attacker to intercept encrypted communications and potentially compromise the endpoint. This can enable a local non-administrative operating system user or an attacker on the same subn...

CVSS: 7.6, EPSS: 0.00007
Exploits: 0, References: 1

CVE
added 2026/04/03 9:42 p.m., 3 views

CVE-2015-10148

CVE-2015-10148 concerns Hirschmann HiLCOS devices: OpenBAT, WLC, BAT300, BAT54 prior to 8.80 and OpenBAT prior to 9.10 are shipped with identical default SSH and SSL keys that cannot be changed. This enables unauthenticated remote attackers to decrypt or intercept encrypted management communicati...

CVSS: 8.8, AI score: 5.9, EPSS: 0.00002
Exploits: 0, References: 2

RedhatCVE
added 2026/03/05 7:30 p.m., 3 views

CVE-2026-20049

A vulnerability in the processing of Galois/Counter Mode (GCM)-encrypted Internet Key Exchange version 2 (IKEv2) IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause...

CVSS: 7.7, AI score: 6, EPSS: 0.00202
Exploits: 0, References: 1

Vulnrichment
added 2026/03/04 5:46 p.m., 1 view

CVE-2026-20050 Cisco Secure Firewall Threat Defense Decryption Policy Denial of Service Vulnerability

A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory...

CVSS: 6.8, AI score: 6, EPSS: 0.00048
Exploits: 0, References: 1

Vulnrichment
added 2026/03/04 5:22 p.m., 1 view

CVE-2026-20049

A vulnerability in the processing of Galois/Counter Mode (GCM)-encrypted Internet Key Exchange version 2 (IKEv2) IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause...

CVSS: 7.7, AI score: 6, EPSS: 0.00202
Exploits: 0, References: 1

Cisco
added 2026/03/04 4:00 p.m., 6 views

Cisco Secure Firewall Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability

A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory...

CVSS: 6.8, AI score: 6, EPSS: 0.00048
Exploits: 0, References: 1

RedhatCVE
added 2026/02/28 2:00 p.m., 2 views

CVE-2026-1626

An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to potentially observe or manipulate parts of the encrypted SSH communication, if they are able to intercept or interact with the network traffic...

CVSS: 9.1, AI score: 5.9, EPSS: 0.00021
Exploits: 0, References: 1

EUVD
added 2026/02/27 9:30 a.m., 2 views

EUVD-2026-9008

An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to potentially observe or manipulate parts of the encrypted SSH communication, if they are able to intercept or interact with the network traffic...

CVSS: 6.5, AI score: 5.9, EPSS: 0.00021
Exploits: 0, References: 7

NVD
added 2026/02/27 9:16 a.m., 2 views

CVE-2026-1626

An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to potentially observe or manipulate parts of the encrypted SSH communication, if they are able to intercept or interact with the network traffic...

CVSS: 9.1, EPSS: 0.00021
Exploits: 0, References: 6

OSV
added 2026/02/27 9:16 a.m., 1 view

CVE-2026-1626

An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to potentially observe or manipulate parts of the encrypted SSH communication, if they are able to intercept or interact with the network traffic...

CVSS: 9.1, AI score: 5.8
Exploits: 0, References: 6

Vulnrichment
added 2026/02/27 8:40 a.m., 2 views

CVE-2026-1626

An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to potentially observe or manipulate parts of the encrypted SSH communication, if they are able to intercept or interact with the network traffic...

CVSS: 6.5, AI score: 5.8, EPSS: 0.00021
Exploits: 0, References: 6

Cvelist
added 2026/02/27 8:40 a.m., 18 views

CVE-2026-1626

An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to potentially observe or manipulate parts of the encrypted SSH communication, if they are able to intercept or interact with the network traffic...

CVSS: 6.5, EPSS: 0.00021
Exploits: 0, References: 6

CNNVD
added 2026/02/27 12:00 a.m., 6 views

SICK LMS1000 and SICK MRS1000 Security Vulnerability

SICK LMS1000 and SICK MRS1000 are products from the German company SICK. SICK LMS1000 is a lidar sensor. SICK MRS1000 is a 3D lidar sensor. Both SICK LMS1000 and SICK MRS1000 have security vulnerabilities. These vulnerabilities stem from the use of weak CBC-based cipher suites in the device’s S...

CVSS: 9.1, AI score: 5.8, EPSS: 0.00021
Exploits: 0, References: 7

Packet Storm News
added 2026/01/22 12:00 a.m., 5 views

CONTEX-T: Contextual Privacy Exploitation Via Transformer Spectral Analysis for IoT Device Fingerprinting

The rapid expansion of internet of things (IoT) devices has created a pervasive ecosystem where encrypted wireless communications serve as the primary privacy and security protection mechanism. While encryption effectively protects message content, packet metadata and statistics inadvertently expo...

AI score: 5.9
Exploits: 0

The Hacker News
added 2026/01/07 5:19 p.m., 4 views

Webinar: Learn How AI-Powered Zero Trust Detects Attacks with No Files or Indicators

Security teams are still catching malware. The problem is what they're not catching. More attacks today don't arrive as files. They don't drop binaries. They don't trigger classic alerts. Instead, they run quietly through tools that already exist inside the environment — scripts, remote access,...

AI score: 7.2
Exploits: 0

Tenable Nessus
added 2026/01/07 12:00 a.m., 1 view

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000449)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000449 advisory. A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is...

CVSS: 7.5, AI score: 6.6, EPSS: 0.00155
Exploits: 0, References: 4

Packet Storm News
added 2026/01/03 12:00 a.m., 5 views

Comparative Evaluation of VAE, GAN, and SMOTE for Tor Detection in Encrypted Network Traffic

Encrypted network traffic poses significant challenges for intrusion detection due to the lack of payload visibility, limited labeled datasets, and high class imbalance between benign and malicious activities. Traditional data augmentation methods struggle to preserve the complex temporal and...

AI score: 6.8
Exploits: 0

Packet Storm News
added 2025/12/17 12:00 a.m., 3 views

Quantum Machine Learning for Cybersecurity: A Taxonomy and Future Directions

The increasing number of cyber threats and rapidly evolving tactics, as well as the high volume of data in recent years, have caused classical machine learning, rules, and signature-based defence strategies to fail, rendering them unable to keep up. An alternative, Quantum Machine Learning (QML), h...

AI score: 6.9
Exploits: 0