5468 matches found

RedhatCVE
added 2025/05/23 4:29 a.m., 6 views

CVE-2023-50443

Encrypted disks created by PRIMX CRYHOD for Windows before Q.2020.4 ANSSI qualification submission or CRYHOD for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which disks are open...

CVSS 4.6, AI score 7, EPSS 0.00318
Exploits 0

RedhatCVE
added 2025/05/23 4:13 a.m., 8 views

CVE-2023-40354

An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a "maxctrl create service" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08....

CVSS 6.5, AI score 7, EPSS 0.00268
Exploits 0

RedhatCVE
added 2025/05/23 3:59 a.m., 8 views

CVE-2023-35763

Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that could allow an unauthenticated user to decrypt encrypted passwords into plaintext...

CVSS 5.5, AI score 7, EPSS 0.00215
Exploits 0

RedhatCVE
added 2025/05/23 3:40 a.m., 5 views

CVE-2023-29501

Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku coupon App for Android versions 3.5.0 and earlier are vulnerable to improper server certificate verification. If this vulnerability is exploited, a man-in-the-middle attack may allow an attacker to...

CVSS 4.8, AI score 6.5, EPSS 0.00281
Exploits 0, References 1

RedhatCVE
added 2025/05/23 3:10 a.m., 5 views

CVE-2023-21499

Out-of-bounds write vulnerability in TACommunicationmposencryptpin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code...

CVSS 8.2, AI score 7.1, EPSS 0.0019
Exploits 0, References 1

RedhatCVE
added 2025/05/23 2:37 a.m., 1 views

CVE-2023-23493

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...

CVSS 3.3, AI score 6.2, EPSS 0.00208
Exploits 0, References 1

RedhatCVE
added 2025/05/23 2:25 a.m., 10 views

CVE-2023-45182

IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded. By somehow gaining access to the encrypted password, a local attacker could exploit this vulnerability to obtain the password to other systems. IBM...

CVSS 7.4, AI score 6.3, EPSS 0.00634
Exploits 0, References 1

RedhatCVE
added 2025/05/23 12:23 a.m., 5 views

CVE-2022-46783

An issue was discovered in Stormshield SSL VPN Client before 3.2.0. If multiple address books are used, an attacker may be able to access the other encrypted address book...

CVSS 5.3, AI score 6.8, EPSS 0.00243
Exploits 0, References 1

RedhatCVE
added 2025/05/22 11:56 p.m., 5 views

CVE-2022-23857

model/criteria/criteria.go in Navidrome before 0.47.5 is vulnerable to SQL injection attacks when processing crafted Smart Playlists. An authenticated user could abuse this to extract arbitrary data from the database, including the user table which contains sensitive information such as the users...

CVSS 6.5, AI score 7.1, EPSS 0.00932
Exploits 0, References 1

RedhatCVE
added 2025/05/22 11:41 p.m., 4 views

CVE-2022-34354

IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system. IBM X-Force ID: 230424...

CVSS 4, AI score 6.2, EPSS 0.00191
Exploits 0, References 1

RedhatCVE
added 2025/05/22 11:40 p.m., 7 views

CVE-2022-41541

TP-Link AX10v1 V1211117 allows attackers to execute a replay attack by using a previously transmitted encrypted authentication message and valid authentication token. Attackers are able to login to the web application as an admin user...

CVSS 8.1, AI score 8.2, EPSS 0.01118
Exploits 1, References 1

RedhatCVE
added 2025/05/22 11:30 p.m., 2 views

CVE-2022-1257

Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files...

CVSS 6.1, AI score 6.4, EPSS 0.00622
Exploits 2, References 1

RedhatCVE
added 2025/05/22 10:11 p.m., 4 views

CVE-2022-24296

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD Ver. 3.21 and prior, Air Conditioning System AG-150A-A Ver. 3.21 and prior, Air Conditioning System AG-150A-J Ver. 3.21 and prior, Air Conditioning System GB-50AD Ver. 3.21 and prior, Air Conditionin...

CVSS 7.5, AI score 7, EPSS 0.01066
Exploits 0, References 1

RedhatCVE
added 2025/05/22 10:11 p.m., 5 views

CVE-2022-29948

Due to an insecure design, the Lepin EP-KP001 flash drive through KP001V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode 6 to...

CVSS 4.6, AI score 7, EPSS 0.00506
Exploits 3, References 1

RedhatCVE
added 2025/05/22 9:29 p.m., 9 views

CVE-2021-3791

An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same subnet to download an encrypted log file containing sensitive information such as WiFi SSID and password...

CVSS 6.5, AI score 6.5, EPSS 0.00407
Exploits 0, References 1

RedhatCVE
added 2025/05/22 8:8 p.m., 7 views

CVE-2021-38084

An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5. Meddler-in-the-middle attackers can pipeline commands after the POP3 STLS command, injecting plaintext commands into an encrypted user session...

CVSS 8.1, AI score 7, EPSS 0.01358
Exploits 0, References 1

RedhatCVE
added 2025/05/22 7:53 p.m., 5 views

CVE-2021-35226

An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service SWIS. Exposed credentials are encrypted and require authenticated access with an NCM role...

CVSS 6.5, AI score 6.6, EPSS 0.00446
Exploits 0, References 1

RedhatCVE
added 2025/05/22 7:41 p.m., 6 views

CVE-2021-30997

A S/MIME issue existed in the handling of encrypted email. This issue was addressed by not automatically loading some MIME parts. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker may be able to recover plaintext contents of an S/MIME-encrypted e-mail...

CVSS 7.5, AI score 6, EPSS 0.00675
Exploits 0, References 1

RedhatCVE
added 2025/05/22 7:8 p.m., 6 views

CVE-2021-20833

The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on and/or alter encrypted communication via a crafted certificate...

CVSS 7.4, AI score 6.4, EPSS 0.0047
Exploits 0, References 1

RedhatCVE
added 2025/05/22 7:8 p.m., 9 views

CVE-2021-20732

The ATOM ATOM - Smart life App for Android versions prior to 1.8.1 and ATOM - Smart life App for iOS versions prior to 1.8.2 does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on encrypted communication via a crafted certificate...

CVSS 5.9, AI score 6.4, EPSS 0.00486
Exploits 0, References 1