Lucene search
K

25567 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/10 9:58 a.m.4 views

CVE-2024-52334

A vulnerability has been identified in syngo.plaza VB30E All versions VB30EHF07. The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access...

6.3CVSS5.4AI score0.00267EPSS
Exploits0References2
CVE
CVE
added 2026/02/10 9:58 a.m.15 views

CVE-2024-52334

CVE-2024-52334 concerns syngo.plaza VB30E (all versions

6.3CVSS5.4AI score0.00267EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/02/10 12:0 a.m.2 views

I2P 2.11.0

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version...

5.6AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.10 views

PT-2026-7249

Name of the Vulnerable Software and Affected Versions syngo.plaza versions prior to VB30E HF07 Description The application does not properly encrypt passwords. This could allow an attacker to recover original passwords and potentially gain unauthorized access. Recommendations Update to version...

6.3CVSS5.4AI score0.00267EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.5 views

Siemens syngo.plaza 安全漏洞

Siemens syngo.plaza is an image archiving and transmission platform developed by the German company Siemens. Previous versions of Siemens syngo.plaza, such as VB30EHF07, had security vulnerabilities. These vulnerabilities stemmed from improper password encryption, which could allow attackers to...

6.3CVSS5.8AI score0.00267EPSS
Exploits0References2
HackRead
HackRead
added 2026/02/09 9:41 p.m.6 views

Hackers Deliver Global Group Ransomware Offline via Phishing Emails

Global Group ransomware is delivered through phishing emails and can encrypt files offline without any internet connection...

5.4AI score
Exploits0
GithubExploit
GithubExploit
added 2026/02/09 9:9 p.m.143 views

neopythonlogger

chrome-privless-encryption A PoC demonstrating how to bypass...

5.5AI score
Exploits0
NVD
NVD
added 2026/02/09 8:16 a.m.12 views

CVE-2026-22906

User credentials are stored using AES‑ECB encryption with a hardcoded key. An unauthenticated remote attacker obtaining the configuration file can decrypt and recover plaintext usernames and passwords, especially when combined with the authentication bypass...

9.8CVSS0.00328EPSS
Exploits0References1
CVE
CVE
added 2026/02/09 7:40 a.m.19 views

CVE-2026-22906

CVE-2026-22906 involves credentials disclosure caused by AES-ECB encryption with a hardcoded key in a configuration file. An unauthenticated remote attacker that can obtain the config file can decrypt and recover plaintext usernames and passwords, with higher risk when combined with an authentica...

9.8CVSS5.6AI score0.00328EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/09 12:0 a.m.5 views

WeRSS 安全漏洞

WeRSS is a WeChat official account system developed by Rachel. Versions of WeRSS 1.4.8 and earlier contained security vulnerabilities. These vulnerabilities stemmed from incorrect handling of the SECRETKEY parameter in the core/auth.py file of the JWT Handler component, which could lead to the us...

6.3CVSS5.8AI score0.00268EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/09 12:0 a.m.9 views

Yokogawa FAST/TOOLS 安全漏洞

Yokogawa FAST/TOOLS is a real-time operation management and visualization software developed by Yokogawa Electric Corporation. There are security vulnerabilities in the Yokogawa FAST/TOOLS R9.01 version up to R10.04. These vulnerabilities stem from the use of weak encryption algorithms, which may...

8.8CVSS5.7AI score0.00166EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/09 12:0 a.m.6 views

PT-2026-7084

Name of the Vulnerable Software and Affected Versions WAGO 0852-1322 affected versions not specified Description User credentials are stored using AES-ECB encryption with a hardcoded key. An unauthenticated remote attacker obtaining the configuration file can decrypt and recover plaintext usernam...

9.8CVSS5.6AI score0.00328EPSS
Exploits0References11
Redos
Redos
added 2026/02/09 12:0 a.m.10 views

ROS-20260209-73-0033

A vulnerability in the JWE, JWS, JWT go-jose standards suite implementation package for the Go programming language is related to incorrect processing of highly compressed input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

4.3CVSS5.6AI score0.01956EPSS
Exploits0
RustSec
RustSec
added 2026/02/08 12:0 p.m.8 views

Panic in `libcrux-psq` on decryption of malformed AES-GCM ciphertext

The latest releases of the libcrux-psq crate contains the following bug-fix: 1319: Propagate AEADError instead of panicking The issue fixed in 1319 was first reported by Nadim Kobeissi...

5.3AI score
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/08 1:22 a.m.5 views

CVE-2025-61730

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

5.3CVSS8.2AI score0.00276EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/07 7:30 p.m.5 views

CVE-2026-2103

Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical across all installations. An attacker with access to the application binary and database can decrypt a...

7.8CVSS5.4AI score0.00097EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/02/06 10:40 p.m.3 views

CVE-2026-25644 DataHub's LDAP Ingestion Source vulnerable to MITM attack through TLS downgrade

DataHub is an open-source metadata platform. Prior to version 1.3.1.8, the LDAP ingestion source is vulnerable to MITM attack through TLS downgrade. This issue has been patched in version 1.3.1.8...

7.5CVSS5.3AI score0.0031EPSS
Exploits0References1
OSV
OSV
added 2026/02/06 9:16 p.m.5 views

DEBIAN-CVE-2026-25636

calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves CipherReference URI from META-INF/encryption.xml to...

7.8CVSS5.5AI score0.00209EPSS
Exploits1References1
NVD
NVD
added 2026/02/06 9:16 p.m.8 views

CVE-2026-25636

calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves CipherReference URI from META-INF/encryption.xml to...

8.2CVSS0.00209EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/06 8:7 p.m.4 views

CVE-2026-25636

calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves CipherReference URI from META-INF/encryption.xml to...

8.2CVSS5.5AI score0.00209EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder