Lucene search
K

5472 matches found

UbuntuCve
UbuntuCve
added 2020/11/23 7:15 p.m.27 views

CVE-2020-28896

Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $sslforcetls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and the code could continue attempting to authenticate. This could result in authentication credentials...

5.3CVSS6.1AI score0.02323EPSS
Exploits0References5
CNNVD
CNNVD
added 2020/11/19 12:0 a.m.6 views

Schneider Electric Modicon M221 Security Breach

The Schneider Electric Modicon M221 is a programmable logic controller from Schneider Electric, France. The Modicon M221 suffers from a security vulnerability that stems from a sensitive data vulnerability encryption gap that can be exploited by an attacker to find a password hash after capturing...

5.7CVSS6.2AI score0.00201EPSS
Exploits0References3
CNVD
CNVD
added 2020/11/18 12:0 a.m.5 views

Unspecified Vulnerability in Aviatrix Controller

Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. A security vulnerability exists in Aviatrix Controller versions prior to R5.3.1151. The vulnerability stems from a weak key in an encrypted file containing credentials. No...

7.5CVSS6.8AI score0.01461EPSS
Exploits1References1
NVD
NVD
added 2020/11/17 9:15 p.m.11 views

CVE-2020-26551

An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored in a readable file...

7.5CVSS7.5AI score0.00909EPSS
Exploits1References1
OSV
OSV
added 2020/11/17 9:15 p.m.4 views

CVE-2020-26551

An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored in a readable file...

7.5CVSS5.8AI score0.00909EPSS
Exploits1References1
OSV
OSV
added 2020/11/17 9:15 p.m.2 views

CVE-2020-26550

An issue was discovered in Aviatrix Controller before R5.3.1151. An encrypted file containing credentials to unrelated systems is protected by a three-character key...

7.5CVSS7.1AI score0.01461EPSS
Exploits1References1
Prion
Prion
added 2020/11/17 9:15 p.m.15 views

Remote file inclusion

An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored in a readable file...

5CVSS7.4AI score0.00909EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/11/17 8:33 p.m.16 views

CVE-2020-26551

An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored in a readable file...

7.5AI score0.00909EPSS
Exploits1References1
CVE
CVE
added 2020/11/17 8:26 p.m.43 views

CVE-2020-26550

CVE-2020-26550 pertains to Aviatrix Controller prior to R5.3.1151, where an encrypted file containing credentials is protected by a three-character key. The root cause is a weak key in the encrypted file, which has implications for confidentiality (HIGH per CVSS3.1). The connected documents confi...

7.5CVSS7.4AI score0.01461EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/11/17 8:26 p.m.16 views

CVE-2020-26550

An issue was discovered in Aviatrix Controller before R5.3.1151. An encrypted file containing credentials to unrelated systems is protected by a three-character key...

7.5AI score0.01461EPSS
Exploits1References1
CNNVD
CNNVD
added 2020/11/17 12:0 a.m.5 views

Aviatrix Systems Controller 安全漏洞

Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. A security vulnerability exists in Aviatrix Controller versions prior to R5.3.1151. The vulnerability stems from a weak key in an encrypted file containing credentials. No...

7.5CVSS7.2AI score0.01461EPSS
Exploits1References2
Rapid7 Blog
Rapid7 Blog
added 2020/11/10 1:54 p.m.37 views

Visualizing Network Traffic Data to Drive Action

Top 5 multi group queries for analyzing network sensor data We launched the Insight Network Sensor earlier this year and have since seen great adoption from both new and existing customers. The main use case behind this success is the need for network visibility. Customers want to know what is...

7AI score
Exploits0
CNVD
CNVD
added 2020/11/10 12:0 a.m.4 views

Nextcloud Server Encryption Vulnerability

Nextcloud is a set of client-server software for creating network hard disks.Nextcloud Server is the server. An encryption vulnerability exists in Nextcloud Server 19.0.1. An attacker could use this vulnerability to degrade the encryption scheme and compromise the integrity of encrypted files...

4.1CVSS6.8AI score0.00286EPSS
Exploits2References1
CVE
CVE
added 2020/11/09 2:25 p.m.53 views

CVE-2020-8133

Nextcloud Server 19.0.1 vulnerability (CVE-2020-8133) arises from incorrect passphrase generation for the encrypted block, enabling an attacker to silently overwrite blocks within a file. Public sources (Nextcloud advisory NC-SA-2020-038) describe MAC-based encryption weaknesses that can be explo...

5.3CVSS5.1AI score0.00716EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2020/11/09 2:19 p.m.31 views

CVE-2020-8150

A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files...

4.2AI score0.00286EPSS
Exploits2References5
OSV
OSV
added 2020/11/08 2:14 p.m.8 views

MGASA-2020-0404 Updated mariadb packages fix security vulnerabilities

The latest release of mariadb fixes some undisclosed easily exploitable vulnerabilities. CVE-2020-14765, CVE-2020-14776, CVE-2020-14789 and CVE-2020-14812. Additionally some bugs are fixed: - Temporary tables can overwrite existing files MDEV-23569 - Crash on SELECT on a table with indexed virtua...

6.8CVSS6.3AI score0.03012EPSS
Exploits0References3
OSV
OSV
added 2020/11/06 5:15 p.m.2 views

CVE-2020-8577

SANtricity OS Controller Software versions 11.50.1 and higher are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmission within an https session...

5.9CVSS6.2AI score0.01014EPSS
Exploits0References1
Wired Threat Level
Wired Threat Level
added 2020/11/05 9:0 a.m.25 views

WhatsApp Is Adding Disappearing Messages—With Some Limits

The popular encrypted messaging app now lets you automatically make chats vanish after a week, but look out for a few caveats...

2.3AI score
Exploits0
CNVD
CNVD
added 2020/11/05 12:0 a.m.1 views

Unspecified Vulnerability in Apple macOS Catalina (CNVD-2020-61028)

Apple macOS Catalina is a specialized operating system developed by Apple Inc. for Mac computers. Apple macOS Catalina suffers from a security vulnerability that stems from an issue when Siri suggests that a user access encrypted data, which could be inappropriately accessed. No details of the...

7.5CVSS6.6AI score0.00613EPSS
Exploits0References1
CNVD
CNVD
added 2020/11/05 12:0 a.m.1 views

Apple macOS Mojave has an unspecified vulnerability (CNVD-2020-65929)

Apple macOS Mojave is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS Mojave versions prior to 10.14.4, which can be exploited by an attacker to intercept the contents of mime-encrypted emails...

6.5CVSS9.1AI score0.00777EPSS
Exploits0References1
Rows per page
Query Builder