Lucene search
+L

273 matches found

Positive Technologies
Positive Technologies
added 2024/05/29 12:0 a.m.8 views

PT-2024-22656 · Dell · Dell Emc Data Protection Advisor

Name of the Vulnerable Software and Affected Versions: Dell Data Protection Advisor version 19.9 Description: The issue is related to inadequate encryption strength, which could be exploited by a low-privileged attacker with remote access, potentially leading to denial of service. Recommendations...

7.6CVSS7.2AI score0.00128EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.30 views

RHEL 7 : ruby (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ruby: Fiddle::Function.new heap buffer overflow CVE-2016-2339 - Type confusion exists in canceleval Ruby'...

8.9AI score0.06204EPSS
Exploits11References13
BDU FSTEC
BDU FSTEC
added 2024/03/19 12:0 a.m.6 views

The vulnerability of the USB Pratirodh software for controlling the use of removable information storage media lies in its insufficient encryption strength, allowing a hacker to obtain the user’s password.

The vulnerability of the USB Pratirodh software for controlling the use of removable information storage media is related to insufficient encryption strength. Exploiting this vulnerability can allow a perpetrator to obtain the user’s password...

7.1CVSS7AI score0.00121EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/02 12:0 a.m.5 views

PT-2024-1988 · Elinksmart · Esmartcam

Name of the Vulnerable Software and Affected Versions: Elink Smart eSmartCam application version 2.1.5 Description: The issue is related to the use of hardcoded AES encryption keys in the application, which can be extracted from a binary file. This allows an attacker who can observe packet data,...

7.8CVSS6.8AI score0.00496EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/03/01 12:0 a.m.5 views

PT-2024-19436 · Dell · Dell Secure Connect Gateway

Name of the Vulnerable Software and Affected Versions: Dell Secure Connect Gateway version 5.18 Description: The issue is related to inadequate encryption strength, which could be exploited by an unauthenticated network attacker to recover plaintext from a block of ciphertext. Recommendations: Fo...

5.3CVSS6.9AI score0.00132EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/01 12:0 a.m.7 views

IBM PowerSC 加密问题漏洞

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC suffers from an encryption issue vulnerability that stems from the use of a weaker-than-expected encryption algorithm, which could be exploited by an attacker to decry...

7.5CVSS6.5AI score0.00337EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/28 12:0 a.m.23 views

Fedora 38 : golang-github-nats-io / golang-github-nats-io-jwt-2 / etc (2023-66966ae3d0)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-66966ae3d0 advisory. Updated NATS stack for CVE-2023-39325 and CVE-2023-46129 Tenable has extracted the preceding description block directly from the Fedora security...

7.5CVSS7.1AI score0.03796EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/11/18 12:0 a.m.5 views

IBM CICS TX Advanced 安全漏洞

IBM CICS TX is a comprehensive, single transaction runtime package from International Business Machines IBM. A weak algorithmic vulnerability exists in IBM CICS TX Advanced version 10.1, which stems from the use of a weak encryption algorithm that can be exploited by an attacker to decrypt highly...

7.5CVSS6.6AI score0.00426EPSS
Exploits0References3
OSV
OSV
added 2023/11/02 3:15 a.m.4 views

CVE-2023-46327

Multiple MFPs multifunction printers provided by FUJIFILM Business Innovation Corp. and Xerox Corporation provide a facility to export the contents of their Address Book with encrypted form, but the encryption strength is insufficient. With the knowledge of the encryption process and the encrypti...

5.9CVSS5.8AI score0.0035EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/10/21 1:5 a.m.6 views

SUSE CVE-2023-44690

Inadequate encryption strength in mycli 1.27.0 allows attackers to view sensitive information via /mycli/config.py...

7.5CVSS6.6AI score0.0022EPSS
Exploits1References3
Prion
Prion
added 2023/10/19 10:15 p.m.11 views

Information disclosure

Inadequate encryption strength in mycli 1.27.0 allows attackers to view sensitive information via /mycli/config.py...

5CVSS7.2AI score0.0022EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/10/19 12:0 a.m.6 views

mycli Encryption Problem Vulnerability

mycli is a dbcli open source MySQL terminal client with auto-completion and syntax highlighting. A security vulnerability exists in mycli version 1.27.0, which stems from an insufficient encryption strength issue. An attacker can exploit the vulnerability to view sensitive information via...

7.5CVSS6.4AI score0.0022EPSS
Exploits1References2
Prion
Prion
added 2023/09/27 4:21 p.m.21 views

Code injection

Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext...

5CVSS7.5AI score0.00171EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/09/27 12:0 a.m.8 views

Dell Data Protection Central 加密问题漏洞

Dell Data Protection Central is a suite of data protection solutions from Dell USA. The product provides single sign-on, dashboards, and system monitoring. A vulnerability exists in Dell Data Protection Central version 19.9 due to an encryption issue that stems from insufficient encryption...

7.5CVSS6.7AI score0.00171EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/14 12:0 a.m.18 views

Siemens RUGGEDCOM ROX Inadequate Encryption Strength (CVE-2023-36748)

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...

6.8CVSS7AI score0.00243EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/08/27 12:0 a.m.7 views

IBM Storage Copy Data Management 加密问题漏洞

IBM Storage Copy Data Management is a data storage system from International Business Machines IBM. A security vulnerability exists in IBM Storage Copy Data Management versions 2.2.0.0 through 2.2.19.0 that stems from the use of an insufficiently strong encryption algorithm...

7.5CVSS7.3AI score0.00328EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/08/04 12:0 a.m.6 views

twitch-tui security vulnerability

twitch-tui is a terminal chat application from the individual developers at Xithrius. A security vulnerability exists in twitch-tui that stems from the fact that the software disables TLS in the configuration of irc connections, which results in all communication with the Twitch IRC server being...

7.5CVSS6.8AI score0.00427EPSS
Exploits0References4
OSV
OSV
added 2023/07/05 7:15 p.m.7 views

CVE-2023-34337

AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication code HMAC. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability...

8.8CVSS5.8AI score0.00197EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/06/08 2:15 a.m.4 views

CVE-2023-2986

The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. This is due to insufficient encryption on the user being supplied during the abandoned cart link decode through the plugin. This allows unauthenticated...

9.8CVSS7.4AI score0.41077EPSS
Exploits5References12
OSV
OSV
added 2023/05/15 10:15 a.m.4 views

CVE-2022-4048

Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate code of the encrypted boot application...

7.7CVSS5.8AI score0.00083EPSS
Exploits0References1
Rows per page
Query Builder