Lucene search
K

14 matches found

OSV
OSV
added 2026/03/10 6:28 p.m.5 views

GO-2026-4614 Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI

Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive...

9.8CVSS5.8AI score0.22162EPSS
Exploits12References5
GithubExploit
GithubExploit
added 2026/03/10 11:23 a.m.235 views

Exploit for CVE-2026-27944

CVE-2026-27944 - Nginx-UI Unauthenticated Backup Download !...

9.8CVSS5.8AI score0.22162EPSS
Exploits12
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.4 views

MyHoard 安全漏洞

MyHoard is an open source database backup recovery tool from Aiven Open. A security vulnerability exists in MyHoard versions prior to 1.3.0, which stems from improper logging of backup information and could lead to encryption key disclosure...

7.5CVSS6.2AI score0.00141EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/29 12:0 a.m.3 views

Vasion Print Virtual Appliance Host 安全漏洞

Vasion Print Virtual Appliance Host is a print management software from Vasion USA. A security vulnerability exists in Vasion Print Virtual Appliance Host versions prior to 25.1.102, which stems from a hard-coded private key stored in a plaintext file, which could lead to the disclosure of the...

9.2CVSS6.3AI score0.00382EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/05/19 12:0 a.m.3 views

ConnectWise Risk Assessment 安全漏洞

ConnectWise Risk Assessment is a cybersecurity risk assessment tool from ConnectWise that identifies vulnerabilities, compliance gaps, and provides remediation recommendations in enterprise IT environments to help MSPs and organizations achieve proactive risk management. ConnectWise Risk Assessme...

6CVSS6.5AI score0.0009EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2024/05/22 10:16 a.m.8 views

kernel: Bluetooth Forward and Future Secrecy Attacks and Defenses

A flaw was found in Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4. This issue may allow certain man-in-the-middle attacks that force a short key length and might lead to discovery of the encryption key and live...

6.8CVSS6.8AI score0.01297EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/11/16 12:0 a.m.15 views

CVE-2023-48055

SuperAGI v0.0.13 was discovered to use a hardcoded key for encryption operations. This vulnerability can lead to the disclosure of information and communications...

7.6AI score0.00371EPSS
Exploits0References1
NVD
NVD
added 2018/12/04 5:29 p.m.15 views

CVE-2018-12308

Encryption key disclosure in share.cgi in ASUSTOR ADM version 3.1.1 allows attackers to obtain the encryption key via the "encryptkey" URL parameter...

6.5CVSS6.3AI score0.00586EPSS
Exploits1References1
OSV
OSV
added 2018/12/04 5:29 p.m.3 views

CVE-2018-12308

Encryption key disclosure in share.cgi in ASUSTOR ADM version 3.1.1 allows attackers to obtain the encryption key via the "encryptkey" URL parameter...

6.5CVSS5.8AI score0.00586EPSS
Exploits1References1
Prion
Prion
added 2018/12/04 5:29 p.m.17 views

Code injection

Encryption key disclosure in share.cgi in ASUSTOR ADM version 3.1.1 allows attackers to obtain the encryption key via the "encryptkey" URL parameter...

4CVSS6.3AI score0.00586EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/12/04 5:0 p.m.19 views

CVE-2018-12308

Encryption key disclosure in share.cgi in ASUSTOR ADM version 3.1.1 allows attackers to obtain the encryption key via the "encryptkey" URL parameter...

7AI score0.00586EPSS
Exploits1References1
CVE
CVE
added 2018/12/04 5:0 p.m.41 views

CVE-2018-12308

ASUSTOR ADM 3.1.1 is affected by an information disclosure in share.cgi that allows an attacker to obtain the encryption key via the encrypt_key URL parameter. The root cause is a flaw in how share.cgi handles the key, enabling unauthorized access to the encryption key and potential compromise of...

6.5CVSS6.9AI score0.00586EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2017/09/29 12:0 a.m.46 views

TrendMicro OfficeScan 11.0 / XG (12.0) Encryption Key Disclosure

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14083-TRENDMICRO-OFFICESCAN-XG-PRE-AUTH-REMOTE-ENCRYPTION-KEY-DISCLOSURE.txt + ISR: ApparitionSec Vendor: ================== www.trendmicro.com Product: ========...

7.7AI score0.05503EPSS
Exploits7
CNVD
CNVD
added 2017/07/07 12:0 a.m.5 views

Multiple Vulnerabilities in ASP.NET AJAX and Sitefinity Progress Telerik UI

ASP.NET AJAX is a control for ASP.NET; Sitefinity is an open source platform for building enterprise websites and intranets. Progress Telerik UI is a UI user interface for ASP.NET controls that handles AJAX, developed by American Telerik. A security vulnerability in Telerik.Web.UI.dll for Progres...

9.8CVSS6.5AI score0.75098EPSS
Exploits5References1
Rows per page
Query Builder