Lucene search
+L

141 matches found

CVE
CVE
added 2024/08/10 5:44 p.m.58 views

CVE-2024-21881

CVE-2024-21881 affects Envoy 4.x through 5.x. The vulnerability is an Inadequate Encryption Strength issue that allows an authenticated attacker to execute arbitrary OS commands via encrypted package upload. Connected documents confirm affected software and the underlying issue, and indicate ther...

8.6CVSS7.2AI score0.00287EPSS
Exploits0References3
CVE
CVE
added 2024/08/02 10:5 a.m.54 views

CVE-2024-40719

CVE-2024-40719 affects CHANGING Information Technology TCBServiSign Windows Version. The issue is insufficient encryption strength of the authorization keys used by the product, enabling a remote attacker to entice a victim to visit a malicious website and cause TCBServiSign to treat that site as...

6.5CVSS6.5AI score0.00185EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.24 views

Siemens SIMATIC and SCALANCE Products Inadequate Encryption Strength (CVE-2022-2097)

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of 'in place' encryption...

8.8CVSS6.8AI score0.04425EPSS
Exploits0References9
Veracode
Veracode
added 2024/06/11 7:59 a.m.16 views

Inadequate Encryption Strength

Ninja Core is vulnerable to Inadequate Encryption Strength. The vulnerability is due to the encrypt method in the CookieEncryption class which uses AES with default padding, leading to the possible leakage of sensitive cookie information...

7.5CVSS6.5AI score0.0078EPSS
Exploits0References2Affected Software1
ICS
ICS
added 2024/06/11 12:0 a.m.41 views

Siemens SCALANCE XM-400, XR-500

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

5.9CVSS8.6AI score0.16195EPSS
Exploits0References12
ICS
ICS
added 2024/06/11 12:0 a.m.68 views

Siemens TIM 1531 IRC

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.8CVSS9.4AI score0.20444EPSS
Exploits10References12
NVD
NVD
added 2024/05/29 4:15 p.m.17 views

CVE-2024-28974

Dell Data Protection Advisor, versions 19.9, contains an Inadequate Encryption Strength vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service...

7.6CVSS7.3AI score0.00128EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/29 3:21 p.m.23 views

CVE-2024-28974

Dell Data Protection Advisor, versions 19.9, contains an Inadequate Encryption Strength vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service...

7.6CVSS7.3AI score0.00128EPSS
Exploits0References1
NVD
NVD
added 2024/03/01 11:15 a.m.27 views

CVE-2024-22458

Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext...

5.3CVSS4.2AI score0.00132EPSS
Exploits0References1
CVE
CVE
added 2024/03/01 10:57 a.m.101 views

CVE-2024-22458

Dell Secure Connect Gateway (version 5.18) is affected by an Inadequate Encryption Strength vulnerability. An unauthenticated network attacker could potentially recover plaintext from a block of ciphertext due to weak cryptographic strength. The CTI sources consistently identify the affected prod...

5.3CVSS4.4AI score0.00132EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/03/01 10:57 a.m.30 views

CVE-2024-22458

Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext...

3.7CVSS4.6AI score0.00132EPSS
Exploits0References1
ICS
ICS
added 2024/02/13 12:0 a.m.71 views

Siemens SINEC NMS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.5CVSS10AI score0.20444EPSS
Exploits0References12
CVE
CVE
added 2023/11/16 6:21 a.m.46 views

CVE-2023-43757

CVE-2023-43757 concerns ELECOM and LOGITEC router devices with inadequate encryption strength, enabling a network-adjacent, unauthenticated attacker to guess the wireless LAN key and intercept traffic. The Red Hat/Red Hat-applied and JVN entries confirm the core issue and list affected vendors/pr...

6.5CVSS6.4AI score0.00496EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2023/11/02 3:15 a.m.16 views

Design/Logic Flaw

Multiple MFPs multifunction printers provided by FUJIFILM Business Innovation Corp. and Xerox Corporation provide a facility to export the contents of their Address Book with encrypted form, but the encryption strength is insufficient. With the knowledge of the encryption process and the encrypti...

2.6CVSS5.6AI score0.0035EPSS
Exploits0References3Affected Software91
AlpineLinux
AlpineLinux
added 2023/10/19 10:15 p.m.61 views

CVE-2023-44690

Inadequate encryption strength in mycli 1.27.0 allows attackers to view sensitive information via /mycli/config.py...

5CVSS6.7AI score0.0022EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2023/10/19 10:15 p.m.17 views

CVE-2023-44690

Inadequate encryption strength in mycli 1.27.0 allows attackers to view sensitive information via /mycli/config.py...

7.5CVSS7.1AI score0.0022EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/10/19 12:0 a.m.27 views

CVE-2023-44690

Inadequate encryption strength in mycli 1.27.0 allows attackers to view sensitive information via /mycli/config.py...

7.4AI score0.0022EPSS
Exploits1References1
CNVD
CNVD
added 2023/10/07 12:0 a.m.13 views

Dell Data Protection Central Encryption Issue Vulnerability

Dell Data Protection Central is a suite of data protection solutions from Dell USA. The product provides single sign-on, dashboards, and system monitoring. A vulnerability exists in Dell Data Protection Central version 19.9 due to an encryption issue that stems from insufficient encryption...

7.5CVSS6.7AI score0.00171EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/27 3:44 p.m.11 views

CVE-2023-4129

Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext...

5.9CVSS6.9AI score0.00171EPSS
Exploits0References1
CVE
CVE
added 2023/09/27 3:44 p.m.52 views

CVE-2023-4129

CVE-2023-4129 affects Dell Data Protection Central, version 19.9, with an inadequate encryption strength issue. An unauthenticated network attacker could potentially recover plaintext from a block of ciphertext. The connected documents confirm the affected product/version and the underlying cause...

7.5CVSS7.4AI score0.00171EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder