Lucene search
K

5469 matches found

BDU FSTEC
BDU FSTEC
added 2025/04/25 12:0 a.m.6 views

The vulnerability of the UNI-NMS-Lite network management system, which stems from the use of rigidly encrypted account data, allows a hacker to elevate their privileges to the level of an administrator.

The vulnerability of the UNI-NMS-Lite network management system is related to the use of strictly encrypted account data. Exploiting this vulnerability can allow a malicious actor to elevate their privileges to the level of an administrator...

10CVSS8AI score0.0048EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/04/24 12:0 a.m.4 views

The vulnerability of the Telnet service of the TOTOLINK A810R router’s microprogramming system allows a intruder to disclose protected information.

The vulnerability of the Telnet service in the microprogramming software of TOTOLINK A810R routers is related to the use of strictly encrypted login credentials. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

6.5CVSS5.4AI score0.00244EPSS
Exploits1References2Affected Software1
HackRead
HackRead
added 2025/04/23 1:10 p.m.13 views

Lattica Emerges from Stealth to Solve AI’s Biggest Privacy Challenge with FHE

Lattica’s cloud-based solution uses Fully Homomorphic Encryption to query encrypted data on AI models without decrypting it, preserving privacy and bolstering security...

7.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/22 12:0 a.m.6 views

The vulnerability of the Four-Faith F3x36 router’s microprogramming software, which stems from the use of strictly encrypted login credentials, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Four-Faith F3x36 router’s microprogramming software is related to the use of strictly encrypted login credentials. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information through specially crafted HTT...

10CVSS7.7AI score0.0296EPSS
Exploits0References4Affected Software1
Snyk
Snyk
added 2025/04/21 4:17 p.m.2 views

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition due to a race condition in the traffic processing mechanism. An attacker can intercept and read packets that should be encrypted. Remediation Upgrade github.com/cilium/cilium/bpf to version 1.15.16, 1.16.9, 1.17.3 or...

6.3CVSS6.8AI score0.00118EPSS
Exploits0References3
Snyk
Snyk
added 2025/04/21 4:17 p.m.1 views

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition due to a race condition in the traffic processing mechanism. An attacker can intercept and read packets that should be encrypted. Remediation Upgrade github.com/cilium/cilium/bpf/lib to version 1.15.16, 1.16.9, 1.17.3 or...

6.3CVSS6.8AI score0.00118EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/04/21 12:0 a.m.3 views

DecETT: Accurate App Fingerprinting under Encrypted Tunnels Via Dual Decouple-Based Semantic Enhancement

Whitepaper called DecETT: Accurate App Fingerprinting Under Encrypted Tunnels Via Dual Decouple-Based Semantic Enhancement...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/19 12:0 a.m.9 views

The vulnerability of the /etc/shadow file in TOTOLINK CA300-PoE router microprogramming software allows a hacker to disclose protected information.

The vulnerability of the /etc/shadow file in TOTOLINK CA300-PoE router microprogramming systems is related to the use of strictly encrypted login credentials. Exploiting this vulnerability could allow an attacker to disclose the protected information...

10CVSS7.7AI score0.00819EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/18 12:0 a.m.18 views

The vulnerability of the multi-platform SCADA system KROON-TM, related to the use of a rigidly encrypted cryptographic key for the SSL certificate, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the multi-platform SCADA system KROON-TM is related to the use of a rigidly encrypted cryptographic key for the SSL certificate. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

10CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/17 12:0 a.m.5 views

The vulnerability of the encrypted() function in the cross-platform framework for developing Qt software allows a hacker to induce a service failure.

The vulnerability of the encrypted function in the cross-platform framework for Qt software development is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause service failures...

8.6CVSS7.5AI score0.00494EPSS
Exploits0References9Affected Software6
Packet Storm News
Packet Storm News
added 2025/04/16 12:0 a.m.4 views

PCDiff: Proactive Control for Ownership Protection in Diffusion Models with Watermark Compatibility

With the growing demand for protecting the intellectual property IP of text-to-image diffusion models, we propose PCDiff -- a proactive access control framework that redefines model authorization by regulating generation quality. At its core, PCDIFF integrates a trainable fuser module and...

7AI score
Exploits0
HackRead
HackRead
added 2025/04/15 8:46 p.m.8 views

Operation BULUT: Encrypted Chats from Sky ECC, ANOM Lead to 232 Arrests

Intelligence from encrypted platforms like Sky ECC and ANOM has led to the arrest of 232 individuals and…...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/15 12:0 a.m.6 views

FLSSM: a Federated Learning Storage Security Model with Homomorphic Encryption

Federated learning based on homomorphic encryption has received widespread attention due to its high security and enhanced protection of user data privacy. However, the characteristics of encrypted computation lead to three challenging problems: "computation-efficiency", "attack-tracing" and...

6.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/10 12:0 a.m.5 views

The vulnerability of the Primo RPA Orchestrator module of the Primo RPA automation platform allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Primo RPA Orchestrator module of the Primo RPA automation platform lies in the use of a strictly encrypted cryptographic key. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

6.8CVSS5.5AI score
Exploits0Affected Software1
Microsoft CVE
Microsoft CVE
added 2025/04/09 7:0 a.m.2 views

smb: client: Add check for next_buffer in receive_encrypted_standard()

...

5.5CVSS6.9AI score0.0021EPSS
Exploits0
Citrix
Citrix
added 2025/04/09 12:0 a.m.12 views

uberAgent is unable to read encrypted credentials stored in Windows Credential Store

Customer is attempting to store encrypted credentials in the Windows Credentials Store as described in the uberAgent documentation https://docs.citrix.com/en-us/uberagent/7-3-1/uxm-features-configuration/username-and-configuration-setting-encryption-2.html, but uberAgent is unable to read the...

6.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.6 views

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260, a multi-functional device for measuring parameters of electrical circuits, allows a hacker to gain unauthorized access to the device.

The vulnerability of the Data Manager component in the microprogramming software for multifunctional measurement devices for measuring electrical network parameters from Siemens SENTRON 7KT PAC1260 is related to the use of rigidly encrypted account data. Exploiting this vulnerability can allow an...

10CVSS5.9AI score0.00591EPSS
Exploits0References2
CVE
CVE
added 2025/04/07 4:23 p.m.49 views

CVE-2025-3426

The CVE-2025-3426 entry describes lack of reverse engineering protections in Philips IntelliSpace Portal binaries, enabling discovery of hardcoded credentials. Affected products are IntelliSpace Portal 12 and earlier and Advanced Visualization Workspace 15. Technical details from connected source...

7.2CVSS7.6AI score0.00144EPSS
Exploits0References2
OSV
OSV
added 2025/04/04 7:21 a.m.10 views

BIT-JENKINS-2025-31721

A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but without Computer/Configure permission to copy an agent, gaining access to encrypted secrets in its configuration...

4.3CVSS6.9AI score0.00361EPSS
Exploits0References2
OSV
OSV
added 2025/04/02 3:31 p.m.0 views

GHSA-WR6W-JXG7-QPFH Jenkins Missing Permission Check

Jenkins 2.503 and earlier, LTS 2.492.2 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Computer/Create permission but without Computer/Configure permission to copy an agent, gaining access to encrypted secrets in its configuration. This is due to an...

4.3CVSS7AI score0.00361EPSS
Exploits0References3
Rows per page
Query Builder