EUVD-2026-18142

SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to read the contents of emails encrypted for other users...

PT-2026-29699

SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to read the contents of emails encrypted for other users...

CVE-2025-34234

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain two hardcoded private keys that are shipped in the application containers printerlogic/pi, printerlogic/printer-admin-api, and printercloud/pi...

CVE-2025-43700

Improper Preservation of Permissions vulnerability in Salesforce OmniStudio FlexCards allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025...

CVE-2025-27496 Snowflake JDBC Driver client-side encryption key in DEBUG logs

Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver "Driver" in versions 3.0.13 through 3.23.0 of the driver. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption...

SonarSource SonarQube Server < 9.9.4 / 10.x < 10.4 Information Disclosure (CVE-2024-38460)

The version of SonarSource SonarQube Server running on the remote host is prior to 9.9.4 or 10.x prior to 10.4. It is, therefore, affected by an information disclosure vulnerability: - In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are...

goTenna Pro 安全漏洞

goTenna Pro is a series of devices from goTenna that can create networks for off-grid communications and situational awareness. A security vulnerability exists in goTenna Pro that stems from the presence of a payload length vulnerability, which allows the length of the payload to be known...

CVE-2023-46919

Phlox com.phlox.simpleserver aka Simple HTTP Server 1.8 and com.phlox.simpleserver.plus aka Simple HTTP Server PLUS 1.8.1-plus have a hardcoded aKySWb2jjrr4dzkYXczKRt7K AES encryption key. An attacker with physical access to the application's source code or binary can extract this key & use it...

CVE-2023-36539

Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information...

PT-2023-25618 · Zoom · Zoom

Name of the Vulnerable Software and Affected Versions: Zoom affected versions not specified Description: Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information. Recommendations: At the moment, there is no information about a newer...

Internet Bug Bounty: Inadequate Encryption Strength in nodejs-current reads openssl.cnf from /home/iojs/build/... upon startup on MacOS

A cryptographic vulnerability was found in nodejs-current that allowed openssl.cnf to be read from an insecure location upon startup on MacOS, potentially exposing encryption keys or certificates...

QSAN Storage Manager 信任管理问题漏洞

QSAN Storage Manager is a NAS operating system from Quantium Technologies Incorporated QSAN. A security vulnerability exists in QSAN Storage Manager that stems from the use of a hard-coded encryption key vulnerability that could be exploited by an attacker to gain access to user credentials and...

CVE-2020-25233

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. The firmware update of affected devices contains the private RSA key that is used as a basis for encryption of communication with the device...

UBUNTU-CVE-2019-5754

Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy...