
5469 matches found

CNNVD
added 2025/05/12 12:00 a.m. · 3 views

ARTEC EMA Mail Security Vulnerability

ARTEC EMA Mail is an enterprise-class encrypted mail system from ARTEC. A security vulnerability exists in ARTEC EMA Mail version 6.92 that stems from vulnerability to cross-site request forgery attacks...

CVSS 8.8 · AI score 6.7 · EPSS 0.0023
Exploits: 0 · References: 3

BDU FSTEC
added 2025/05/12 12:00 a.m. · 6 views

The vulnerability of Ivanti Connect Secure and Ivanti Policy Secure, which control network access, stems from the use of a strictly encrypted cryptographic key. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the Ivanti Connect Secure and Ivanti Policy Secure network access control tools lies in the use of a strictly encrypted cryptographic key. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

CVSS 6 · AI score 7.7 · EPSS 0.0031
Exploits: 0 · References: 3 · Affected Software: 2

Vulnrichment
added 2025/05/09 11:59 a.m. · 14 views

CVE-2025-4382 Grub2: grub allow access to encrypted device through cli once root device is unlocked via tpm

A flaw was found in systems utilizing LUKS-encrypted disks with GRUB configured for TPM-based auto-decryption. When GRUB is set to automatically decrypt disks using keys stored in the TPM, it reads the decryption key into system memory. If an attacker with physical access can corrupt the underlyi...

CVSS 5.9 · AI score 6.5 · EPSS 0.00309
Exploits: 0 · References: 3

Packet Storm News
added 2025/05/09 12:00 a.m. · 3 views

Privacy-Preserving Credit Card Approval Using Homomorphic SVM: toward Secure Inference in FinTech Applications

The growing use of machine learning in cloud environments raises critical concerns about data security and privacy, especially in finance. Fully Homomorphic Encryption (FHE) offers a solution by enabling computations on encrypted data, but its high computational cost limits practicality. In this...

AI score 6.8
Exploits: 0

BDU FSTEC
added 2025/05/09 12:00 a.m. · 4 views

The vulnerability of the access point loading function in Cisco IOS XE wireless local control devices allows an attacker to execute arbitrary commands.

The vulnerability of the Cisco IOS XE wireless local area network controller’s Access Point (AP) loading function is related to the presence of a strictly encrypted JSON Web Token (JWT). Exploiting this vulnerability allows an attacker to execute arbitrary commands by sending specially crafted HTTPS...

CVSS 10 · AI score 7.7 · EPSS 0.17894
Exploits: 1 · References: 3 · Affected Software: 1

OSV
added 2025/05/08 4:15 p.m. · 2 views

DEBIAN-CVE-2025-26842

An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the content of S/MIME encrypted e-mail messages is visible to users with access to the CommunicationLog...

CVSS 7.5 · AI score 5.3 · EPSS 0.00296
Exploits: 0 · References: 1

OSV
added 2025/05/08 4:15 p.m. · 0 views

UBUNTU-CVE-2025-26842

An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the content of S/MIME encrypted e-mail messages is visible to users with access to the CommunicationLog...

CVSS 7.5 · AI score 5.8 · EPSS 0.00296
Exploits: 0 · References: 3

OSV
added 2025/05/07 4:15 p.m. · 7 views

AZL-61729 CVE-2024-47619 affecting package syslog-ng for versions less than 4.3.1-3

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

CVSS 7.5 · AI score 5.8 · EPSS 0.00301
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/07 12:24 a.m. · 17 views

CVE-2025-45237

Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the encrypted password...

CVSS 7.5 · AI score 6.8 · EPSS 0.0038
Exploits: 1 · References: 1

OpenVAS
added 2025/05/07 12:00 a.m. · 2 views

Do Not Enable the rsync Service

The rsync service can synchronize data between servers or between local drive partitions. However, information leakage risks exist because rsync uses non-encrypted transmission protocols. If the rsync service is enabled and data is transmitted between servers over the network, attackers can...

AI score 6.5
Exploits: 0 · References: 1

NVD
added 2025/05/05 6:15 p.m. · 29 views

CVE-2025-45237

Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the encrypted password...

CVSS 7.5 · EPSS 0.0038
Exploits: 1 · References: 2

OSV
added 2025/05/05 6:15 p.m. · 2 views

CVE-2025-45237

Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the encrypted password...

CVSS 7.5 · AI score 7
Exploits: 0 · References: 2

OSV
added 2025/05/05 12:15 p.m. · 4 views

DEBIAN-CVE-2025-2545

Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES (3DES) cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES is considered obsolete and insecure due to its susceptibility to birthday attacks, which could...

CVSS 2.3 · AI score 5.2 · EPSS 0.00154
Exploits: 0 · References: 1

Positive Technologies
added 2025/05/05 12:00 a.m. · 4 views

PT-2025-19752 · Dbsyncer · Dbsyncer

Name of the Vulnerable Software and Affected Versions: DBSyncer version 2.0.6 Description: The issue is related to incorrect access control in the component /config/download of DBSyncer, allowing attackers to access a JSON file that contains sensitive account information, including the encrypted...

CVSS 7.5 · AI score 6.1 · EPSS 0.0038
Exploits: 1 · References: 8

Packet Storm News
added 2025/05/05 12:00 a.m. · 2 views

Encrypted Federated Search Using Homomorphic Encryption

The sharing of information between agencies is effective in dealing with cross-jurisdictional criminal activities; however, such sharing is often restricted due to concerns about data privacy, ownership, and compliance. Towards this end, this work has introduced a privacy-preserving federated...

AI score 7.4
Exploits: 0

Vulnrichment
added 2025/05/05 12:00 a.m. · 4 views

CVE-2025-45237

Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the encrypted password...

AI score 7.5 · EPSS 0.0038
Exploits: 1 · References: 2

CVE
added 2025/05/05 12:00 a.m. · 54 views

CVE-2025-45237

CVE-2025-45237 concerns DBSyncer v2.0.6 with an incorrect access control in the /config/download component. The issue could allow unauthenticated access to a JSON file that contains sensitive account information, including encrypted passwords. Impact is stated in sources as high confidentiality r...

CVSS 7.5 · AI score 6.5 · EPSS 0.0038
Exploits: 1 · References: 2 · Affected Software: 1

RedhatCVE
added 2025/05/04 5:03 p.m. · 26 views

CVE-2023-53055

In the Linux kernel, the following vulnerability has been resolved: fscrypt: destroy keyring after security_sb_delete() fscrypt_destroy_keyring() must be called after all potentially-encrypted inodes were evicted; otherwise it cannot safely destroy the keyring. Since inodes that are in-use by the Landloc...

CVSS 5.5 · AI score 6.9 · EPSS 0.00159
Exploits: 0 · References: 4

RedhatCVE
added 2025/05/03 1:39 a.m. · 19 views

CVE-2025-46626

Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic to the service...

CVSS 7.3 · AI score 7.2 · EPSS 0.00197
Exploits: 1 · References: 1

NVD
added 2025/05/02 4:15 p.m. · 11 views

CVE-2023-53055

In the Linux kernel, the following vulnerability has been resolved: fscrypt: destroy keyring after security_sb_delete() fscrypt_destroy_keyring() must be called after all potentially-encrypted inodes were evicted; otherwise it cannot safely destroy the keyring. Since inodes that are in-use by the Landloc...

CVSS 5.5 · EPSS 0.00159
Exploits: 0 · References: 4