Lucene search
K

152 matches found

Positive Technologies
Positive Technologies
added 2025/07/02 12:0 a.m.4 views

PT-2025-27671 · Google · Google Chrome

Name of the Vulnerable Software and Affected Versions: Google Chrome affected versions not specified Description: A security bypass issue exists in the AppBound cookie encryption mechanism of Google Chrome due to insufficient validation of COM server paths during inter-process communication. This...

9.3CVSS5.8AI score
Exploits0References8
OSV
OSV
added 2025/06/10 9:31 p.m.4 views

GHSA-RRR2-JCR8-7Q3X @nx/azure-cache Vulnerable to Build Cache Poisoning via Untrusted Pull Requests

A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache such as those using Amazon S3, Google Cloud Storage, or similar object storage that allows any contributor with pull request privileges to inject compromised artifacts...

9.4CVSS7AI score0.00192EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/06/10 9:31 p.m.6 views

@nx/azure-cache Vulnerable to Build Cache Poisoning via Untrusted Pull Requests

A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache such as those using Amazon S3, Google Cloud Storage, or similar object storage that allows any contributor with pull request privileges to inject compromised artifacts...

9.4CVSS7AI score0.00192EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 6:56 p.m.8 views

CVE-2021-46892

Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality...

7.5CVSS6.9AI score0.00231EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:14 p.m.7 views

CVE-2020-12638

An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266NONOSSDK devices through 3.0.3, and ESP8266RTOSSDK devices through 3.3. Broadcasting forged beacon frames forces a device to change its authentication mode to OPEN, effectively disabling its 802.11 encrypti...

6.8CVSS7.2AI score0.00469EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:3 p.m.5 views

CVE-2020-19037

Incorrect Access Control vulnearbility in Halo 0.4.3, which allows a malicious user to bypass encrption to view encrpted articles via cookies...

5.3CVSS6.8AI score0.00886EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 10:5 a.m.23 views

CVE-2019-13053

Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a "magic" key combination while sniffing cryptographic data from a Radio Frequency transmission. NOTE: this issue exists because of an incomplete fix for CVE-2016-10761...

6.5CVSS7AI score0.00745EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:1 a.m.7 views

CVE-2016-10761

Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack...

6.5CVSS6.9AI score0.00745EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2016-7798

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for...

7.5CVSS6.8AI score0.03167EPSS
Exploits1References3
OSV
OSV
added 2025/02/25 3:13 p.m.16 views

USN-7297-1 ProFTPD vulnerabilities

Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that the transport protocol implementation in ProFTPD had weak integrity checks. An attacker could use this vulnerability to bypass security features like encryption and integrity checks. CVE-2023-48795 Martin Mirchev discovered that...

7.5CVSS6.9AI score0.9378EPSS
Exploits5References4
CNNVD
CNNVD
added 2024/11/15 12:0 a.m.4 views

Digital Guardian Agent 安全漏洞

Digital Guardian Agent is a widely used data protection platform for cloud environments from US-based Digital Guardian, Inc. It can discover, categorize and control the movement of data across endpoints, networks and clouds. A security vulnerability exists in Digital Guardian Agent versions prior...

4.3CVSS6.5AI score0.00139EPSS
Exploits0References2
NVD
NVD
added 2024/06/14 4:15 a.m.23 views

CVE-2024-27160

All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for th...

6.2CVSS0.00238EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.34 views

RHEL 6 : ruby (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ruby: Command injection vulnerability in Net::FTP CVE-2017-17405 - ruby: OpenSSL::X509::Name equality che...

9.8AI score0.73927EPSS
Exploits16References28
Cvelist
Cvelist
added 2024/03/25 2:31 p.m.47 views

CVE-2024-28183 Anti Rollback bypass with physical access and TOCTOU attack

ESP-IDF is the development framework for Espressif SoCs supported on Windows, Linux and macOS. A Time-of-Check to Time-of-Use TOCTOU vulnerability was discovered in the implementation of the ESP-IDF bootloader which could allow an attacker with physical access to flash of the device to bypass...

6.1CVSS6.3AI score0.00208EPSS
Exploits2References8
ATTACKERKB
ATTACKERKB
added 2023/12/13 9:15 p.m.4 views

CVE-2023-50442

Encrypted folders created by PRIMX ZONECENTRAL through 2023.5 can be modified by a local attacker with appropriate privileges so that specific file types are excluded from encryption temporarily. This modification can, however, be detected, as described in the Administrator Guide...

5.5CVSS6AI score0.00127EPSS
Exploits0References3
OSV
OSV
added 2023/12/13 9:15 p.m.4 views

CVE-2023-50442

Encrypted folders created by PRIMX ZONECENTRAL through 2023.5 can be modified by a local attacker with appropriate privileges so that specific file types are excluded from encryption temporarily. This modification can, however, be detected, as described in the Administrator Guide...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.17 views

Cisco Nexus 1000V VSM/VEM Communication Encryption Bypass (CVE-2013-1208)

The encryption functionality in Cisco NX-OS on the Nexus 1000V does not properly handle Virtual Supervisor Module VSM to Virtual Ethernet Module VEM communication, which allows remote attackers to intercept or modify network traffic by leveraging certain Layer 2 or Layer 3 access, aka Bug ID...

5.8CVSS5.5AI score0.00657EPSS
Exploits0References2
OSV
OSV
added 2023/07/17 4:15 p.m.5 views

CVE-2023-35818

An issue was discovered on Espressif ESP32 3.0 ESP32rev300 ROM devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and Flash Encryption status. By using this capability, the attacker can exploit...

6.8CVSS5.8AI score0.00198EPSS
Exploits0References2
OSV
OSV
added 2023/07/06 1:15 p.m.2 views

CVE-2021-46892

Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality...

7.5CVSS5.8AI score0.00231EPSS
Exploits0References2
NVD
NVD
added 2023/07/06 1:15 p.m.23 views

CVE-2021-46892

Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality...

7.5CVSS7.6AI score0.00231EPSS
Exploits0References2
Rows per page
Query Builder