Lucene search
K

794 matches found

CNNVD
CNNVD
added 2026/05/06 12:0 a.m.11 views

WatchGuard Agent 安全漏洞

WatchGuard Agent is a terminal security protection and device management agent provided by the American company WatchGuard. Versions of WatchGuard Agent prior to 1.25.03.0000 contain security vulnerabilities. These vulnerabilities stem from the use of hard-coded encryption keys, which may lead to...

8.5CVSS5.9AI score0.00108EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.9 views

CDAC e-Sushrut 安全漏洞

CDAC e-Sushrut is a system platform provided by the Indian company CDAC, which facilitates hospital information management and medical process support. There is a security vulnerability in CDAC e-Sushrut. This vulnerability stems from the leakage of sensitive information in client-side JavaScript...

8.7CVSS5.8AI score0.00219EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.9 views

Silex SD-330AC和Silex AMC Manager 安全漏洞

Both the Silex SD-330AC and the Silex AMC Manager are products of the Japanese company Silex. The Silex SD-330AC is a device server that provides wireless network connectivity and the ability to share with USB devices. The Silex AMC Manager is a management software used for centralized management...

6.9CVSS7.1AI score0.00228EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.8 views

Fortinet FortiClientEMS 安全漏洞

Fortinet FortiClientEMS is part of the endpoint management solution provided by Fortinet, a company owned by Fortinet Corporation. It aims to help organizations effectively manage terminal devices within their networks and provide monitoring and control of endpoint security. There are security...

6CVSS5.8AI score0.001EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.9 views

Apache OpenMeetings 安全漏洞

Apache OpenMeetings is a multilingual, customizable video conferencing and collaboration system developed by the Apache Foundation in the United States. This product supports audio and video capabilities, and allows users to view the desktops of each participant. Prior to Apache OpenMeetings 9.0....

7.5CVSS5.8AI score0.00234EPSS
Exploits0References3
Schneier on Security
Schneier on Security
added 2026/04/07 9:45 a.m.7 views

Hong Kong Police Can Force You to Reveal Your Encryption Keys

According to a new law, the Hong Kong police can demand that you reveal the encryption keys protecting your computer, phone, hard drives, etc.--even if you are just transiting the airport. In a security alert dated March 26, the U.S. Consulate General said that, on March 23, 2026, Hong Kong...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.8 views

Tenda 4G03 安全漏洞

The Tenda 4G03 is a wireless router produced by the Chinese company Tenda. The Tenda 4G03 Pro 1.0 version, 1.0re version, 01.bin version, and 04.03.01.53 version have security vulnerabilities, which stem from the use of hardcoded encryption keys...

6.9CVSS6.1AI score0.00435EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.8 views

Noelse Individuals & Pro App 安全漏洞

Noelse Individuals & Pro App is a financial services app developed by the French company Noelse, designed for individual and professional users to manage online accounts, handle payments, and access financial tools. The Noelse Individuals & Pro App versions 2.1.7 and earlier contain security...

4.8CVSS5.8AI score0.00144EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.40 views

PropertyGuru AgentNet Singapore App 安全漏洞

The PropertyGuru AgentNet Singapore App is a mobile application used by PropertyGuru in Singapore as an real estate agency. The PropertyGuru AgentNet Singapore App versions prior to 23.7.10 contained a security vulnerability, which was caused by the use of hardcoded encryption keys for parameters...

4.8CVSS5.8AI score0.00144EPSS
Exploits0References4
NVD
NVD
added 2026/04/02 9:16 a.m.3 views

CVE-2026-29133

SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to upload PGP keys with UIDs that do not match their email address...

9.1CVSS0.00232EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/02 8:26 a.m.2 views

CVE-2026-29133

SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to upload PGP keys with UIDs that do not match their email address...

5.3CVSS5.9AI score0.00232EPSS
Exploits0References2
OSV
OSV
added 2026/03/30 9:8 p.m.5 views

USN-8132-1 roundcube vulnerabilities

It was discovered that Roundcube Webmail did not properly sanitize certain HTML elements within the e-mail body. An attacker could possibly use this issue to cause a cross-site scripting attack. This issue was only addressed in Ubuntu 16.04 LTS. CVE-2016-4068, CVE-2016-4069 It was discovered that...

8.8CVSS5.8AI score0.60162EPSS
Exploits6References11
SUSE CVE
SUSE CVE
added 2026/03/25 12:26 a.m.4 views

SUSE CVE-2026-27944

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without authentication and discloses the encryption keys required to decrypt the backup in the X-Backup-Security response header. This allows an unauthenticated attacker to...

9.8CVSS6.7AI score0.22162EPSS
Exploits13References3
VulnCheck KEV
VulnCheck KEV
added 2026/03/19 12:0 a.m.111 views

VulnCheck KEV: CVE-2026-27944

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without authentication and discloses the encryption keys required to decrypt the backup in the X-Backup-Security response header. This allows an unauthenticated attacker to...

9.8CVSS5.8AI score0.22162EPSS
In wildExploits13References38
Snyk
Snyk
added 2026/03/16 4:26 p.m.3 views

Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials due to insufficient policy enforcement in the Trusted Platform Module TPM during the disk decryption process. An attacker can gain unauthorized access to encrypted data by physically replacing the ro...

7.6CVSS5.9AI score0.0014EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/11 12:0 a.m.7 views

go-fastdfs-web 安全漏洞

go-fastdfs-web is a web management platform for a distributed file storage system developed by Perfree’s individual developers. Versions of go-fastdfs-web prior to 1.3.7 contain security vulnerabilities. These vulnerabilities stem from incorrect operations on the rememberMeManager function in the...

6.3CVSS5.8AI score0.00355EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/09 8:50 p.m.6 views

EUVD-2026-10357

Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.31.5 and earlier, a path traversal vulnerability in the PWA Progressive Web App ZIP processing endpoint POST /api/pwa/process-zip allows an authenticated user with builder privileges to read arbitrary...

9.6CVSS5.9AI score0.00267EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/06 7:45 p.m.5 views

CVE-2026-27944

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without authentication and discloses the encryption keys required to decrypt the backup in the X-Backup-Security response header. This allows an unauthenticated attacker to...

9.8CVSS5.7AI score0.22162EPSS
Exploits13References1
NVD
NVD
added 2026/03/05 7:16 p.m.9 views

CVE-2026-27944

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without authentication and discloses the encryption keys required to decrypt the backup in the X-Backup-Security response header. This allows an unauthenticated attacker to...

9.8CVSS0.22162EPSS
Exploits13References1
EUVD
EUVD
added 2026/03/05 6:26 p.m.4 views

EUVD-2026-9847

Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure...

9.8CVSS5.9AI score0.22162EPSS
Exploits13References4
Rows per page
Query Builder