14 matches found
GO-2026-4614 Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive...
Exploit for CVE-2026-27944
CVE-2026-27944 - Nginx-UI Unauthenticated Backup Download !...
MyHoard 安全漏洞
MyHoard is an open source database backup recovery tool from Aiven Open. A security vulnerability exists in MyHoard versions prior to 1.3.0, which stems from improper logging of backup information and could lead to encryption key disclosure...
Vasion Print Virtual Appliance Host 安全漏洞
Vasion Print Virtual Appliance Host is a print management software from Vasion USA. A security vulnerability exists in Vasion Print Virtual Appliance Host versions prior to 25.1.102, which stems from a hard-coded private key stored in a plaintext file, which could lead to the disclosure of the...
ConnectWise Risk Assessment 安全漏洞
ConnectWise Risk Assessment is a cybersecurity risk assessment tool from ConnectWise that identifies vulnerabilities, compliance gaps, and provides remediation recommendations in enterprise IT environments to help MSPs and organizations achieve proactive risk management. ConnectWise Risk Assessme...
kernel: Bluetooth Forward and Future Secrecy Attacks and Defenses
A flaw was found in Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4. This issue may allow certain man-in-the-middle attacks that force a short key length and might lead to discovery of the encryption key and live...
CVE-2023-48055
SuperAGI v0.0.13 was discovered to use a hardcoded key for encryption operations. This vulnerability can lead to the disclosure of information and communications...
CVE-2018-12308
Encryption key disclosure in share.cgi in ASUSTOR ADM version 3.1.1 allows attackers to obtain the encryption key via the "encryptkey" URL parameter...
CVE-2018-12308
Encryption key disclosure in share.cgi in ASUSTOR ADM version 3.1.1 allows attackers to obtain the encryption key via the "encryptkey" URL parameter...
Code injection
Encryption key disclosure in share.cgi in ASUSTOR ADM version 3.1.1 allows attackers to obtain the encryption key via the "encryptkey" URL parameter...
CVE-2018-12308
Encryption key disclosure in share.cgi in ASUSTOR ADM version 3.1.1 allows attackers to obtain the encryption key via the "encryptkey" URL parameter...
CVE-2018-12308
ASUSTOR ADM 3.1.1 is affected by an information disclosure in share.cgi that allows an attacker to obtain the encryption key via the encrypt_key URL parameter. The root cause is a flaw in how share.cgi handles the key, enabling unauthorized access to the encryption key and potential compromise of...
TrendMicro OfficeScan 11.0 / XG (12.0) Encryption Key Disclosure
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14083-TRENDMICRO-OFFICESCAN-XG-PRE-AUTH-REMOTE-ENCRYPTION-KEY-DISCLOSURE.txt + ISR: ApparitionSec Vendor: ================== www.trendmicro.com Product: ========...
Multiple Vulnerabilities in ASP.NET AJAX and Sitefinity Progress Telerik UI
ASP.NET AJAX is a control for ASP.NET; Sitefinity is an open source platform for building enterprise websites and intranets. Progress Telerik UI is a UI user interface for ASP.NET controls that handles AJAX, developed by American Telerik. A security vulnerability in Telerik.Web.UI.dll for Progres...