Lucene search
K

5469 matches found

OSV
OSV
added 2025/05/02 4:15 p.m.3 views

UBUNTU-CVE-2023-53055

In the Linux kernel, the following vulnerability has been resolved: fscrypt: destroy keyring after securitysbdelete fscryptdestroykeyring must be called after all potentially-encrypted inodes were evicted; otherwise it cannot safely destroy the keyring. Since inodes that are in-use by the Landloc...

5.5CVSS5.7AI score0.00159EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/05/02 3:55 p.m.10 views

CVE-2023-53055 fscrypt: destroy keyring after security_sb_delete()

In the Linux kernel, the following vulnerability has been resolved: fscrypt: destroy keyring after securitysbdelete fscryptdestroykeyring must be called after all potentially-encrypted inodes were evicted; otherwise it cannot safely destroy the keyring. Since inodes that are in-use by the Landloc...

0.00159EPSS
Exploits0References4
OSV
OSV
added 2025/05/02 3:55 p.m.14 views

CVE-2023-53055 fscrypt: destroy keyring after security_sb_delete()

In the Linux kernel, the following vulnerability has been resolved: fscrypt: destroy keyring after securitysbdelete fscryptdestroykeyring must be called after all potentially-encrypted inodes were evicted; otherwise it cannot safely destroy the keyring. Since inodes that are in-use by the Landloc...

5.5CVSS5AI score0.00159EPSS
Exploits0References7
OSV
OSV
added 2025/05/01 8:15 p.m.4 views

CVE-2025-46632

Initialization vector IV reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or more easily decrypt encrypted messages between client and server...

6.5CVSS5.8AI score0.00266EPSS
Exploits1References2
NVD
NVD
added 2025/05/01 8:15 p.m.15 views

CVE-2025-46626

Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic to the service...

7.3CVSS0.00197EPSS
Exploits1References2
OSV
OSV
added 2025/05/01 8:15 p.m.5 views

CVE-2025-46626

Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic to the service...

7.3CVSS5.8AI score0.0083EPSS
Exploits1References2
Metasploit
Metasploit
added 2025/05/01 6:50 p.m.475 views

LDAP Password Disclosure

This module will gather passwords and password hashes from a target LDAP server via multiple techniques including Windows LAPS. For best results, run with SSL because some attributes are only readable over encrypted connections. Module Options msf use auxiliary/gather/ldappasswords msf...

5.5AI score
Exploits0
Cvelist
Cvelist
added 2025/05/01 12:0 a.m.10 views

CVE-2025-46626

Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic to the service...

0.00197EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/05/01 12:0 a.m.7 views

CVE-2025-46632

Initialization vector IV reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or more easily decrypt encrypted messages between client and server...

6.4AI score0.00266EPSS
Exploits1References2
CVE
CVE
added 2025/05/01 12:0 a.m.65 views

CVE-2025-46632

CVE-2025-46632 affects Tenda RX2 Pro (firmware 16.03.30.14). The issue is IV reuse in the web management portal, enabling an attacker to discern information about, or more easily decrypt, messages between client and server. The exploitation details are not provided in the documents, but the CVSS ...

6.5CVSS6.4AI score0.00266EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/05/01 12:0 a.m.3 views

Tenda RX2 Pro 安全漏洞

Tenda RX2 Pro is a high performance WiFi 6 signal amplifier from Tenda China. An information disclosure vulnerability exists in Tenda RX2 Pro version 16.03.30.14, which can be exploited by an attacker to potentially cause decryption of encrypted messages...

6.5CVSS6.4AI score0.00266EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/04/30 10:9 a.m.23 views

CVE-2025-3200

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems...

9.1CVSS7AI score0.00312EPSS
Exploits0References1
NVD
NVD
added 2025/04/28 10:15 a.m.17 views

CVE-2025-3200

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems...

9.1CVSS0.00312EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/28 9:37 a.m.26 views

CVE-2025-3200 Com-Server Exposed via Weak TLS

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems...

9.1CVSS0.00312EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/28 9:37 a.m.14 views

CVE-2025-3200 Com-Server Exposed via Weak TLS

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems...

9.1CVSS7AI score0.00312EPSS
Exploits0References1
CVE
CVE
added 2025/04/28 9:37 a.m.98 views

CVE-2025-3200

CVE-2025-3200 affects the Com-Server component, where an unauthenticated remote attacker could exploit the use of insecure TLS 1.0 and TLS 1.1 to intercept and manipulate encrypted communications between the Com-Server and connected systems. The issue stems from weak cryptographic protocol suppor...

9.1CVSS7.1AI score0.00312EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/28 12:0 a.m.3 views

PT-2025-18058 · Unknown · Com-Server

Name of the Vulnerable Software and Affected Versions: Com-Server affected versions not specified Description: An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connecte...

9.1CVSS6.2AI score0.00312EPSS
Exploits0References16
CNNVD
CNNVD
added 2025/04/28 12:0 a.m.3 views

Wiesemann & Theis Com-Server 加密问题漏洞

Wiesemann & Theis Com-Server is a communication server for industrial automation from Wiesemann & Theis that provides connectivity between serial devices and Ethernet. A cryptographic issue vulnerability exists in Wiesemann & Theis Com-Server versions prior to 1.60 that stems from the use of...

9.1CVSS6.4AI score0.00312EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/28 12:0 a.m.6 views

The vulnerability of the Gladinet CentreStack software platform for secure file sharing lies in the use of strictly encrypted user credentials, allowing a hacker to execute arbitrary code.

The vulnerability of the Gladinet CentreStack file sharing software platform lies in the use of strictly encrypted user credentials. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.4AI score0.92727EPSS
Exploits6References3Affected Software1
OSV
OSV
added 2025/04/25 2:6 p.m.5 views

OESA-2025-1452 grub2 security update

GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: grub2 allowed attackers with access to the grub shell to access files on the encrypted disks.CVE-2024-49504...

7CVSS6.9AI score0.00325EPSS
Exploits0References2
Rows per page
Query Builder