5469 matches found

CVE
added 2025/05/27 12:29 p.m., 74 views

CVE-2025-5270

CVE-2025-5270 concerns Mozilla Firefox and Thunderbird where SNI could be sent unencrypted even when encrypted DNS is enabled. Affected products are Firefox versions earlier than 139 and Thunderbird versions earlier than 139. The vulnerability’s impact includes potential disclosure of sensitive i...

CVSS 7.5 | AI score 6.3 | EPSS 0.00234
Exploits: 0 | References: 3 | Affected Software: 1

Packet Storm News
added 2025/05/27 12:0 a.m., 17 views

M3S-UPD: Efficient Multi-Stage Self-Supervised Learning for Fine-Grained Encrypted Traffic Classification with Unknown Pattern Discovery

The growing complexity of encrypted network traffic presents dual challenges for modern network management: accurate multiclass classification of known applications and reliable detection of unknown traffic patterns. Although deep learning models show promise in controlled environments, their...

AI score 6.7
Exploits: 0

CNNVD
added 2025/05/27 12:0 a.m., 3 views

Arista EOS Security Vulnerability

Arista EOS is a fully programmable, highly modular, Linux-based network operating system from Arista Corporation. A security vulnerability exists in Arista EOS that stems from the possibility of incorrectly forwarding duplicate encrypted packets that should be discarded under certain circumstance...

CVSS 5.3 | AI score 6.6 | EPSS 0.00158
Exploits: 0 | References: 2

Tenable Nessus
added 2025/05/27 12:0 a.m., 14 views

Mozilla Firefox < 139.0

The version of Firefox installed on the remote Windows host is prior to 139.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-42 advisory. - Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these...

CVSS 8.1 | AI score 7.3 | EPSS 0.00493
Exploits: 0 | References: 11

FreeBSD
added 2025/05/27 12:0 a.m., 3 views

Firefox -- unencrypted SNI

[email protected] reports: In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled...

CVSS 7.5 | AI score 7 | EPSS 0.00234
Exploits: 0 | References: 1

Positive Technologies
added 2025/05/27 12:0 a.m., 7 views

PT-2025-22995

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 139. Description: The issue arises when SNI (Server Name Indication) could be sent unencrypted despite having encrypted DNS enabled. This affects Firefox, potentially exposing user data. Recommendations: For versions prior...

CVSS 9.8 | AI score 7.8 | EPSS 0.09348
Exploits: 2 | References: 130

Packet Storm News
added 2025/05/26 12:0 a.m., 3 views

Language of Network: a Generative Pre-Trained Model for Encrypted Traffic Comprehension

The increasing demand for privacy protection and security considerations leads to a significant rise in the proportion of encrypted network traffic. Since traffic content becomes unrecognizable after encryption, accurate analysis is challenging, making it difficult to classify applications and...

AI score 6.6
Exploits: 0

BDU FSTEC
added 2025/05/26 12:0 a.m., 6 views

The vulnerability of the telnetd service in D-Link router microprogramming systems such as DIR-605L and DIR-816L allows a hacker to execute arbitrary code.

The vulnerability of the telnetd service in D-Link router microprogramming systems like DIR-605L and DIR-816L lies in the use of strictly encrypted login credentials. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by using the built-in login credentials...

CVSS 7.5 | AI score 6 | EPSS 0.00308
Exploits: 0 | References: 3 | Affected Software: 2

OpenVAS
added 2025/05/26 12:0 a.m., 5 views

Fedora: Security Advisory (FEDORA-2025-c38fd06bec)

The remote host is missing an update for the...

CVSS 8.1 | AI score 7.1 | EPSS 0.00441
Exploits: 1 | References: 4

Packet Storm News
added 2025/05/24 12:0 a.m., 14 views

LLM-Driven APT Detection for 6G Wireless Networks: a Systematic Review and Taxonomy

Sixth Generation (6G) wireless networks, which are expected to be deployed in the 2030s, have already created great excitement in academia and the private sector with their extremely high communication speed and low latency rates. However, despite the ultra-low latency, high throughput, and...

AI score 6.7
Exploits: 0

RedhatCVE
added 2025/05/23 10:32 a.m., 6 views

CVE-2024-36511

An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web Application Firewall (WAF) 7.4.0 through 7.4.4, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions when cookie security policy is enabled may allow an...

CVSS 3.7 | AI score 7 | EPSS 0.00379
Exploits: 0

RedhatCVE
added 2025/05/23 9:30 a.m., 23 views

CVE-2024-36495

The application Faronics WINSelect Standard + Enterprise saves its configuration in an encrypted file on the file system which "Everyone" has read and write access to, path to file: C:\ProgramData\WINSelect\WINSelect.wsd The path for the affected WINSelect Enterprise configuration file is:...

CVSS 7.7 | AI score 6.9 | EPSS 0.0031
Exploits: 1

RedhatCVE
added 2025/05/23 9:3 a.m., 4 views

CVE-2024-20261

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a...

CVSS 5.8 | AI score 6.7 | EPSS 0.0037
Exploits: 0 | References: 1

Hacker One
added 2025/05/23 7:52 a.m., 10 views

Nextcloud: Information disclosure via Desktop client when attempting to lock a file inside an end-to-end encrypted directory

A security vulnerability was discovered in the desktop client of a file-sharing application. The vulnerability allowed information disclosure when attempting to lock a file inside an end-to-end encrypted directory...

CVSS 2.7 | AI score 6 | EPSS 0.00242
Exploits: 0

RedhatCVE
added 2025/05/23 7:27 a.m., 8 views

CVE-2024-39925

An issue was discovered in Vaultwarden (formerly BitwardenRS) 1.30.3. It lacks an offboarding process for members who leave an organization. As a result, the shared organization key is not rotated when a member departs. Consequently, the departing member, whose access should be revoked, retains a...

CVSS 6.5 | AI score 6.5 | EPSS 0.00573
Exploits: 0

RedhatCVE
added 2025/05/23 7:27 a.m., 6 views

CVE-2024-39921

Observable timing discrepancy issue exists in IPCOM EX2 Series V01L02NF0001 to V01L06NF0401, V01L20NF0001 to V01L20NF0401, V02L20NF0001 to V02L21NF0301, and IPCOM VE2 Series V01L04NF0001 to V01L06NF0112. If this vulnerability is exploited, some of the encrypted communication may be decrypted by a...

CVSS 7.5 | AI score 6.8 | EPSS 0.00427
Exploits: 0

RedhatCVE
added 2025/05/23 6:53 a.m., 6 views

CVE-2024-54466

An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An encrypted volume may be accessed by a different user without prompting for the password...

CVSS 6.5 | AI score 7 | EPSS 0.00689
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 6:43 a.m., 19 views

CVE-2024-47805

Jenkins Credentials Plugin 1380.va435002fa924 and earlier, except 1371.1373.v4ebfab7161e9, does not redact encrypted values of credentials using the SecretBytes type when accessing item config.xml via REST API or CLI...

CVSS 7.5 | AI score 6.8 | EPSS 0.00583
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 5:52 a.m., 5 views

CVE-2023-22918

A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50W firmware versions 4.16 through 5.35, USG20W-VPN firmware versions 4.16 through 5.35, VPN series...

CVSS 6.5 | AI score 6.5 | EPSS 0.00771
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 4:53 a.m., 12 views

CVE-2023-20109

A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause...

CVSS 6.6 | AI score 8.3 | EPSS 0.02344
Exploits: 0 | References: 1