5469 matches found
ARTEC EMA Mail 安全漏洞
ARTEC EMA Mail is an enterprise-class encrypted mail system from ARTEC. A security vulnerability exists in ARTEC EMA Mail version 6.92 that stems from vulnerability to cross-site request forgery attacks...
The vulnerability of Ivanti Connect Secure and Ivanti Policy Secure, which control network access, stems from the use of a strictly encrypted cryptographic key. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the Ivanti Connect Secure and Ivanti Policy Secure network access control tools lies in the use of a strictly encrypted cryptographic key. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
CVE-2025-4382 Grub2: grub allow access to encrypted device through cli once root device is unlocked via tpm
A flaw was found in systems utilizing LUKS-encrypted disks with GRUB configured for TPM-based auto-decryption. When GRUB is set to automatically decrypt disks using keys stored in the TPM, it reads the decryption key into system memory. If an attacker with physical access can corrupt the underlyi...
Privacy-Preserving Credit Card Approval Using Homomorphic SVM: toward Secure Inference in FinTech Applications
The growing use of machine learning in cloud environments raises critical concerns about data security and privacy, especially in finance. Fully Homomorphic Encryption FHE offers a solution by enabling computations on encrypted data, but its high computational cost limits practicality. In this...
The vulnerability of the access point loading function in Cisco IOS XE wireless local control devices allows a attacker to execute arbitrary commands.
The vulnerability of the Cisco IOS XE wireless local area network controller’s Access Point AP loading function is related to the presence of a strictly encrypted JSON Web Token JWT. Exploiting this vulnerability allows an attacker to execute arbitrary commands by sending specially crafted HTTPS...
DEBIAN-CVE-2025-26842
An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the content of S/MIME encrypted e-mail messages is visible to users with access to the CommunicationLog...
UBUNTU-CVE-2025-26842
An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the content of S/MIME encrypted e-mail messages is visible to users with access to the CommunicationLog...
AZL-61729 CVE-2024-47619 affecting package syslog-ng for versions less than 4.3.1-3
syslog-ng is an enhanced log daemo. Prior to version 4.8.2, tlswildcardmatch matches on certificates such as foo..bar although that is not allowed. It is also possible to pass partial wildcards such as foo.ac.bar which glib matches but should be avoided / invalidated. This issue could have an...
CVE-2025-45237
Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the encrypted password...
Do Not Enable the rsync Service
The rsync service can synchronize data between servers or between local drive partitions. However, information leakage risks exist because rsync uses non-encrypted transmission protocols. If the rsync service is enabled and data is transmitted between servers over the network, attackers can...
CVE-2025-45237
Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the encrypted password...
CVE-2025-45237
Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the encrypted password...
DEBIAN-CVE-2025-2545
Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES 3DES cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES is considered obsolete and insecure due to its susceptibility to birthday attacks, which could...
PT-2025-19752 · Dbsyncer · Dbsyncer
Name of the Vulnerable Software and Affected Versions: DBSyncer version 2.0.6 Description: The issue is related to incorrect access control in the component /config/download of DBSyncer, allowing attackers to access a JSON file that contains sensitive account information, including the encrypted...
Encrypted Federated Search Using Homomorphic Encryption
The sharing of information between agencies is effective in dealing with cross-jurisdictional criminal activities; however, such sharing is often restricted due to concerns about data privacy, ownership, and compliance. Towards this end, this work has introduced a privacy-preserving federated...
CVE-2025-45237
Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the encrypted password...
CVE-2025-45237
CVE-2025-45237 concerns DBSyncer v2.0.6 with an incorrect access control in the /config/download component. The issue could allow unauthenticated access to a JSON file that contains sensitive account information, including encrypted passwords. Impact is stated in sources as high confidentiality r...
CVE-2023-53055
In the Linux kernel, the following vulnerability has been resolved: fscrypt: destroy keyring after securitysbdelete fscryptdestroykeyring must be called after all potentially-encrypted inodes were evicted; otherwise it cannot safely destroy the keyring. Since inodes that are in-use by the Landloc...
CVE-2025-46626
Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic to the service...
CVE-2023-53055
In the Linux kernel, the following vulnerability has been resolved: fscrypt: destroy keyring after securitysbdelete fscryptdestroykeyring must be called after all potentially-encrypted inodes were evicted; otherwise it cannot safely destroy the keyring. Since inodes that are in-use by the Landloc...