Lucene search
K

5474 matches found

CVE
CVE
•added 2025/12/09 6:44 p.m.•16 views

CVE-2025-9612

CVE-2025-9612 concerns the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification. The issue is that insufficient guidance on Transaction Layer Packet (TLP) ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection, enabling local or physi...

5.1CVSS6.1AI score0.00127EPSS
Exploits0References3Affected Software1
OSV
OSV
•added 2025/12/09 6:16 p.m.•1 views

CVE-2025-62631

An insufficient session expiration vulnerability CWE-613 vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to maintain access to network resources via an active SSLVPN session not terminated after a user's passwor...

5.6CVSS5.8AI score
Exploits0References1
RedhatCVE
RedhatCVE
•added 2025/12/09 8:27 a.m.•6 views

CVE-2025-66549

Nextcloud Desktop is the desktop sync client for Nextcloud. Prior to 3.16.5, when trying to manually lock a file inside an end-to-end encrypted directory, the path of the file was sent to the server unencrypted, making it possible for administrators to see it in log files. This vulnerability is...

2.7CVSS6.5AI score0.00242EPSS
Exploits0References1
Positive Technologies
Positive Technologies
•added 2025/12/09 12:0 a.m.•5 views

PT-2025-50217

Name of the Vulnerable Software and Affected Versions PCI Express PCIe Integrity and Data Encryption IDE specification affected versions not specified Description The PCI Express PCIe Integrity and Data Encryption IDE specification contains insufficient guidance regarding Transaction Layer Packet...

6.2AI score0.00127EPSS
Exploits0References8
Veeam
Veeam
•added 2025/12/09 12:0 a.m.•25 views

How to Exclude Machines from Proactive Malware Scanning

Article Applicability The exclusion setting discussed in this article was added in Veeam Backup & Replication 13.0.1.180. Purpose This article documents how to exclude specific machines from Proactive Malware Scans the "Perform signature-based scan when malware event appears" option. Exclusions a...

5.8AI score
Exploits0Affected Software1
Packet Storm News
Packet Storm News
•added 2025/12/07 12:0 a.m.•12 views

PrivLLMSwarm: Privacy-Preserving LLM-Driven UAV Swarms for Secure IoT Surveillance

Large Language Models LLMs are emerging as powerful enablers for autonomous reasoning and natural-language coordination in unmanned aerial vehicle UAV swarms operating within Internet of Things IoT environments. However, existing LLM-driven UAV systems process sensitive operational data in...

6.8AI score
Exploits0
NVD
NVD
•added 2025/12/05 6:15 p.m.•6 views

CVE-2025-66549

Nextcloud Desktop is the desktop sync client for Nextcloud. Prior to 3.16.5, when trying to manually lock a file inside an end-to-end encrypted directory, the path of the file was sent to the server unencrypted, making it possible for administrators to see it in log files. This vulnerability is...

2.7CVSS0.00242EPSS
Exploits0References4
OSV
OSV
•added 2025/12/05 6:15 p.m.•4 views

UBUNTU-CVE-2025-66549

Nextcloud Desktop is the desktop sync client for Nextcloud. Prior to 3.16.5, when trying to manually lock a file inside an end-to-end encrypted directory, the path of the file was sent to the server unencrypted, making it possible for administrators to see it in log files. This vulnerability is...

2.7CVSS5.7AI score0.00242EPSS
Exploits0References6
Vulnrichment
Vulnrichment
•added 2025/12/05 5:47 p.m.•2 views

CVE-2025-66549 Nextcloud Desktop discloses information when attempting to lock a file inside a end-to-end encrypted directory

Nextcloud Desktop is the desktop sync client for Nextcloud. Prior to 3.16.5, when trying to manually lock a file inside an end-to-end encrypted directory, the path of the file was sent to the server unencrypted, making it possible for administrators to see it in log files. This vulnerability is...

2.4CVSS6.2AI score0.00242EPSS
Exploits0References4
CVE
CVE
•added 2025/12/05 5:47 p.m.•26 views

CVE-2025-66549

The CVE-2025-66549 entry concerns Nextcloud Desktop (the desktop sync client). Before version 3.16.5, locking a file inside an end-to-end encrypted directory would send the file’s path to the server unencrypted, allowing administrators to see it in logs. The root cause is unencrypted transmission...

2.7CVSS6.2AI score0.00242EPSS
Exploits0References4Affected Software1
OSV
OSV
•added 2025/12/05 5:47 p.m.•5 views

CVE-2025-66549 Nextcloud Desktop discloses information when attempting to lock a file inside a end-to-end encrypted directory

Nextcloud Desktop is the desktop sync client for Nextcloud. Prior to 3.16.5, when trying to manually lock a file inside an end-to-end encrypted directory, the path of the file was sent to the server unencrypted, making it possible for administrators to see it in log files. This vulnerability is...

2.4CVSS6.5AI score0.00242EPSS
Exploits0References6
Cvelist
Cvelist
•added 2025/12/05 5:47 p.m.•20 views

CVE-2025-66549 Nextcloud Desktop discloses information when attempting to lock a file inside a end-to-end encrypted directory

Nextcloud Desktop is the desktop sync client for Nextcloud. Prior to 3.16.5, when trying to manually lock a file inside an end-to-end encrypted directory, the path of the file was sent to the server unencrypted, making it possible for administrators to see it in log files. This vulnerability is...

2.4CVSS0.00242EPSS
Exploits0References4
EUVD
EUVD
•added 2025/12/05 5:47 p.m.•6 views

EUVD-2025-201462

Nextcloud Desktop is the desktop sync client for Nextcloud. Prior to 3.16.5, when trying to manually lock a file inside an end-to-end encrypted directory, the path of the file was sent to the server unencrypted, making it possible for administrators to see it in log files. This vulnerability is...

2.4CVSS6AI score0.00242EPSS
Exploits0References4
Nextcloud
Nextcloud
•added 2025/12/05 7:58 a.m.•8 views

Information disclosure via Desktop client when attempting to lock a file inside a end-to-end encrypted directory

None...

2.7CVSS5.2AI score0.00242EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
•added 2025/12/05 12:0 a.m.•7 views

Nextcloud Desktop Client å®‰å…Øę¼ę“ž

Nextcloud Desktop Client is an open source file synchronization and sharing tool from Nextcloud GmbH. A security vulnerability exists in Nextcloud Desktop Client versions prior to 3.16.5, which stems from the unencrypted sending of file paths in an end-to-end encrypted directory, which could lead...

2.7CVSS6.1AI score0.00242EPSS
Exploits0References4
CISA
CISA
•added 2025/12/04 12:0 p.m.•16 views

PRC State-Sponsored Actors Use BRICKSTORM Malware Across Public Sector and Information Technology Systems

The Cybersecurity and Infrastructure Security Agency CISA is aware of ongoing intrusions by People’s Republic of China PRC state-sponsored cyber actors using BRICKSTORM malware for long-term persistence on victim systems. BRICKSTORM is a sophisticated backdoor for VMware vSphere1,2 and Windows...

6.6AI score
Exploits0References10
GithubExploit
GithubExploit
•added 2025/12/03 4:0 p.m.•137 views

Exploit for CVE-2025-41744

Lab: CVE-2025-41744 - Use of Default Cryptographic Key in Spre...

9.1CVSS7.3AI score0.00366EPSS
Exploits4
RedhatCVE
RedhatCVE
•added 2025/12/03 10:41 a.m.•3 views

CVE-2025-41744

Sprecher Automations SPRECON-E series uses default cryptographic keys that allow an unprivileged remote attacker to access all encrypted communications, thereby compromising confidentiality and integrity...

9.1CVSS7AI score0.00366EPSS
Exploits4References1
Fedora
Fedora
•added 2025/12/03 12:59 a.m.•9 views

[SECURITY] Fedora 43 Update: openbao-2.4.4-1.fc43

Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...

7.5CVSS7AI score0.00626EPSS
Exploits0
NVD
NVD
•added 2025/12/02 11:15 a.m.•5 views

CVE-2025-41744

Sprecher Automations SPRECON-E series uses default cryptographic keys that allow an unprivileged remote attacker to access all encrypted communications, thereby compromising confidentiality and integrity...

9.1CVSS0.00366EPSS
Exploits4References1
Rows per page
Query Builder