Lucene search
K

5469 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:8 p.m.9 views

CVE-2021-20732

The ATOM ATOM - Smart life App for Android versions prior to 1.8.1 and ATOM - Smart life App for iOS versions prior to 1.8.2 does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on encrypted communication via a crafted certificate...

5.9CVSS6.4AI score0.00486EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:56 p.m.7 views

CVE-2021-46247

The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from ASUS CMAX6000 v1.02.00...

7.5CVSS6.9AI score0.01159EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 6:41 p.m.8 views

CVE-2021-35979

An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to man-in-the-middle attacks and does not perform authentication...

8.1CVSS6.8AI score0.00858EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:29 p.m.6 views

CVE-2021-29467

Wrongthink is an encrypted peer-to-peer chat program. A user could check their fingerprint into the service and enter a script to run arbitrary JavaScript on the site. No workarounds exist, but a patch exists in version 2.4.1...

6.1CVSS6.9AI score0.00476EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:25 p.m.5 views

CVE-2020-11005

The WindowsHello open source library NuGet HaemmerElectronics.SeppPenner.WindowsHello, before version 1.0.4, has a vulnerability where encrypted data could potentially be decrypted without needing authentication. If the library is used to encrypt text and write the output to a txt file, another...

5.5CVSS5.5AI score0.00234EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:2 p.m.9 views

CVE-2020-29548

An issue was discovered in SmarterTools SmarterMail through 100.0.7537. Meddler-in-the-middle attackers can pipeline commands after a POP3 STLS command, injecting plaintext commands into an encrypted user session...

8.1CVSS7.1AI score0.01127EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:39 p.m.9 views

CVE-2020-3645

Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

7.8CVSS7.4AI score0.00658EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:55 p.m.7 views

CVE-2020-29547

An issue was discovered in Citadel through webcit-926. Meddler-in-the-middle attackers can pipeline commands after POP3 STLS, IMAP STARTTLS, or SMTP STARTTLS commands, injecting cleartext commands into an encrypted user session. This can lead to credential disclosure...

5.9CVSS7AI score0.00753EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:44 p.m.5 views

CVE-2020-9774

An issue existed with Siri Suggestions access to encrypted data. The issue was fixed by limiting access to encrypted data. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Encrypted data may be inappropriately accessed...

7.5CVSS6.3AI score0.00613EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:21 a.m.7 views

CVE-2019-15799

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50AAHH.0C0. User accounts created through the web interface of the device, when given non-admin level privileges, have the same level of privileged access as administrators when connecting to the device via SSH while their...

9CVSS7.3AI score0.02309EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:21 a.m.12 views

CVE-2019-15801

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50AAHH.0C0. The firmware image contains encrypted passwords that are used to authenticate users wishing to access a diagnostics or password-recovery menu. Using the hardcoded cryptographic key found elsewhere in the firmware,...

7.5CVSS7AI score0.01486EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:0 a.m.5 views

CVE-2019-8772

An issue existed in the handling of links in encrypted PDFs. This issue was addressed by adding a confirmation prompt. This issue is fixed in macOS Catalina 10.15. An attacker may be able to exfiltrate the contents of an encrypted PDF...

7.5CVSS6AI score0.01222EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:59 a.m.8 views

CVE-2011-3444

Address Book in Apple Mac OS X before 10.7.3 automatically switches to unencrypted sessions upon failure of encrypted connections, which allows remote attackers to read CardDAV data by terminating an encrypted connection and then sniffing the network...

4.3CVSS6.4AI score0.01436EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 a.m.5 views

CVE-2019-8522

A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password...

5.5CVSS6AI score0.00253EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:42 a.m.10 views

CVE-2019-5263

HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305MAC and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting th...

5.5CVSS6.9AI score0.00307EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:40 a.m.9 views

CVE-2019-4327

"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files."...

7.5CVSS6.9AI score0.01015EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:58 a.m.8 views

CVE-2018-20091

An SQL injection vulnerability was found in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. This would allow any authenticated user to run arbitrary queries against CDSW's internal database. The database contains user contact information, encrypted CDSW passwords in the case of local...

9.9CVSS7.5AI score0.01009EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:34 a.m.4 views

CVE-2018-14062

The COSPAS-SARSAT protocol allows remote attackers to forge messages, replay encrypted messages, conduct denial of service attacks, and send private messages unrelated to distress alerts via a crafted 406 MHz digital signal...

9.4CVSS6.9AI score0.02326EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:26 a.m.5 views

CVE-2019-8645

An issue existed in the handling of encrypted Mail. This issue was addressed with improved isolation of MIME in Mail. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position may be able to...

6.5CVSS5.7AI score0.00777EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:49 a.m.10 views

CVE-2010-4303

Cisco Unified Videoconferencing UVC System 5110 and 5115, when the Linux operating system is used, uses world-readable permissions for the /etc/shadow file, which allows local users to discover encrypted passwords by reading this file, aka Bug ID CSCti54043...

4.9CVSS6.8AI score0.00352EPSS
Exploits0References1
Rows per page
Query Builder