Lucene search
K

25566 matches found

Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.4 views

DRAMatic Speedup: Accelerating HE Operations on a Processing-In-Memory System

Homomorphic encryption HE is a promising technology for confidential cloud computing, as it allows computations on encrypted data. However, HE is computationally expensive and often memory-bound on conventional computer architectures. Processing-in-Memory PIM is an alternative hardware architectu...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.3 views

Secrecy and Verifiability: An Introduction to Electronic Voting

Democracies are built upon secure and reliable voting systems. Electronic voting systems seek to replace ballot papers and boxes with computer hardware and software. Proposed electronic election schemes have been subjected to scrutiny, with researchers spotting inherent faults and weaknesses...

5.7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/12 12:0 a.m.6 views

PT-2026-7894

Name of the Vulnerable Software and Affected Versions authentik versions prior to 2025.8.6 authentik versions prior to 2025.10.4 authentik versions prior to 2025.12.4 Description authentik is an open-source identity provider. When using a SAML Source with the 'Verify Assertion Signature' option...

8.8CVSS5.4AI score0.00166EPSS
Exploits0References13
CNNVD
CNNVD
added 2026/02/12 12:0 a.m.6 views

newbee-mall 加密问题漏洞

newbee-mall is an e-commerce system developed by newbee with open source. newbee-mall has encryption-related vulnerabilities; these vulnerabilities stem from the use of the unsalted MD5 hash algorithm for storing and verifying user passwords. This allows attackers to quickly recover plaintext...

9.3CVSS5.8AI score0.00191EPSS
Exploits1References3
CVE
CVE
added 2026/02/11 9:7 p.m.20 views

CVE-2026-26014

Pion DTLS (Go) vulnerability CVE-2026-26014 affects versions v1.0.0–v3.1.0 due to improper nonce generation with AES-GCM ciphers, enabling nonce reuse in a session. This can let remote attackers obtain the authentication key and spoof data. Remedy: upgrade to v3.1.0 or later. The provided documen...

5.9CVSS5.6AI score0.00619EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/11 9:7 p.m.6 views

CVE-2026-26014 Pion DTLS uses random nonce generation with AES GCM ciphers risks leaking the authentication key

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Pion DTLS versions v1.0.0 through v3.1.0 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a...

5.9CVSS5.6AI score0.00619EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/11 4:23 p.m.9 views

Security Bulletin: IBM Security QRadar EDR Software has multiple vulnerabilities

Summary IBM Security QRadar EDR Software is affected by multiple vulnerabilities that could allow an attacker to perform cross-site scripting XSS attacks or exploit weak cryptographic algorithms to decrypt sensitive information. These vulnerabilities have been addressed in version 3.12.24...

8.8CVSS4.7AI score0.00844EPSS
Exploits0Affected Software1
Snyk
Snyk
added 2026/02/11 3:13 p.m.6 views

Inadequate Encryption Strength

Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength due to the use of the random nonce generation with AES GCM ciphers. An attacker can obtain the authentication key and spoof data by exploiting nonce reuse within a session. Remediation There is no fixed...

8.2CVSS5.7AI score0.00619EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/11 3:13 p.m.5 views

Inadequate Encryption Strength

Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength due to the use of the random nonce generation with AES GCM ciphers. An attacker can obtain the authentication key and spoof data by exploiting nonce reuse within a session. Remediation Upgrade...

8.2CVSS5.7AI score0.00619EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/11 3:13 p.m.7 views

Inadequate Encryption Strength

Overview github.com/pion/dtls is a DTLS 1.2 Server/Client implementation for Go. Affected versions of this package are vulnerable to Inadequate Encryption Strength due to the use of the random nonce generation with AES GCM ciphers. An attacker can obtain the authentication key and spoof data by...

8.2CVSS5.7AI score0.00619EPSS
Exploits0References2
OSV
OSV
added 2026/02/11 3:13 p.m.4 views

GHSA-9F3F-WV7R-QC8R Pion DTLS's usage of random nonce generation with AES GCM ciphers risks leaking the authentication key

Impact Pion DTLS versions v1.0.0 through v3.0.10 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a "forbidden attack". Patches Upgrade to v3.1.1 or late...

5.9CVSS5.6AI score0.00619EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2026/02/11 3:13 p.m.9 views

Pion DTLS's usage of random nonce generation with AES GCM ciphers risks leaking the authentication key

Impact Pion DTLS versions v1.0.0 through v3.0.10 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a "forbidden attack". Patches Upgrade to v3.1.1 or late...

5.9CVSS5.6AI score0.00619EPSS
Exploits0References8Affected Software3
RedhatCVE
RedhatCVE
added 2026/02/11 1:16 p.m.6 views

CVE-2024-52334

A vulnerability has been identified in syngo.plaza VB30E All versions VB30EHF07. The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access...

6.3CVSS5.4AI score0.00267EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.8 views

PT-2026-7719

Name of the Vulnerable Software and Affected Versions Pion DTLS versions 1.0.0 through 3.1.0 Description Pion DTLS, a Go implementation of Datagram Transport Layer Security, is susceptible to an issue where the use of random nonce generation with AES GCM ciphers allows remote attackers to...

9.1CVSS5.5AI score0.00654EPSS
Exploits2References132
VulnCheck KEV
VulnCheck KEV
added 2026/02/11 12:0 a.m.7 views

VulnCheck KEV: CVE-2026-1357

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Upload in versions up to and including 0.9.123. This is due to improper error handling in the RSA decryption process combined with a lack of path sanitization when...

9.8CVSS7.6AI score0.32714EPSS
In wildExploits13References2
The Hacker News
The Hacker News
added 2026/02/10 1:59 p.m.13 views

From Ransomware to Residency: Inside the Rise of the Digital Parasite

Are ransomware and encryption still the defining signals of modern cyberattacks, or has the industry been too fixated on noise while missing a more dangerous shift happening quietly all around them? According to Picus Labs’ new Red Report 2026, which analyzed over 1.1 million malicious files and...

6.5AI score
Exploits0
NVD
NVD
added 2026/02/10 10:15 a.m.6 views

CVE-2024-52334

A vulnerability has been identified in syngo.plaza VB30E All versions VB30EHF07. The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access...

6.3CVSS0.00267EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 9:58 a.m.28 views

CVE-2024-52334

A vulnerability has been identified in syngo.plaza VB30E All versions VB30EHF07. The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access...

6.3CVSS0.00267EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/10 9:58 a.m.3 views

CVE-2024-52334

A vulnerability has been identified in syngo.plaza VB30E All versions VB30EHF07. The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access...

6.3CVSS5.4AI score0.00267EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/10 9:58 a.m.4 views

CVE-2024-52334

A vulnerability has been identified in syngo.plaza VB30E All versions VB30EHF07. The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access...

6.3CVSS5.4AI score0.00267EPSS
Exploits0References2
Rows per page
Query Builder