Lucene search
K

25568 matches found

CNNVD
CNNVD
added 2026/02/05 12:0 a.m.10 views

Moxa Industrial Linux 安全漏洞

Moxa Industrial Linux is an industrial-grade Linux system developed by Moxa Corporation in Taiwan, China. Moxa Industrial Linux has a security vulnerability, which stems from the physical attack vulnerability present in LUKS full-disk encryption supported by TPM. This vulnerability could lead to...

7CVSS5.8AI score0.00222EPSS
Exploits0References1
OSV
OSV
added 2026/02/04 5:16 p.m.6 views

UBUNTU-CVE-2026-23102

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context When SME is supported, Restoring SVE signal context can go wrong in a few ways, including placing the task into an invalid state where the kernel may read from out-of-bounds...

7.1CVSS5.8AI score0.00117EPSS
Exploits0References13
EUVD
EUVD
added 2026/02/04 4:7 p.m.7 views

EUVD-2026-5484

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec authencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than the minimum expected length, cryptoauthencesndecrypt can advance past the end of...

5.2AI score0.00123EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/04 3:15 a.m.4 views

CVE-2025-12679

A vulnerability in Brocade SANnav before 2.4.0b prints the Password-Based Encryption PBE key in plaintext in the system audit log file. The vulnerability could allow a remote authenticated attacker with access to the audit logs to access the pbe key. Note: The vulnerability is only triggered duri...

7.1CVSS8.4AI score0.00148EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/02/04 12:0 a.m.4 views

Post-Quantum Identity-Based TLS for 5G Service-Based Architecture and Cloud-Native Infrastructure

Cloud-native application platforms and latency-sensitive systems such as 5G Core networks rely heavily on certificate-based Public Key Infrastructure PKI and mutual TLS to secure service-to-service communication. While effective, this model introduces significant operational and performance...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/02/04 12:0 a.m.5 views

RHEL 8 : kernel (RHSA-2026:1886)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1886 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: mac80211: fix potential double...

7.8CVSS6.8AI score0.00335EPSS
Exploits0References18
NVD
NVD
added 2026/02/03 7:16 p.m.12 views

CVE-2026-0620

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...

6CVSS0.00247EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/03 6:5 p.m.25 views

CVE-2026-0620 L2TP over IPSec Encryption Failure on ArcherAXE75

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...

6CVSS0.00247EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/02/03 4:46 p.m.156 views

openclaw-security-quiz

🔒 Security & Best Practices Quiz A mobile-friendly quiz app w...

5.7AI score
Exploits0
Cvelist
Cvelist
added 2026/02/02 9:41 p.m.22 views

CVE-2025-12679 Plain text pbe key visible in audit log during Brocade SANnav migration from 2.4.0a to 3.0.0

A vulnerability in Brocade SANnav before 2.4.0b prints the Password-Based Encryption PBE key in plaintext in the system audit log file. The vulnerability could allow a remote authenticated attacker with access to the audit logs to access the pbe key. Note: The vulnerability is only triggered duri...

7.1CVSS0.00148EPSS
Exploits0References1
CVE
CVE
added 2026/02/02 9:41 p.m.12 views

CVE-2025-12679

CVE-2025-12679 affects Brocade SANnav prior to 2.4.0b and 3.0.0, where during migration the Password-Based Encryption (PBE) key is logged in plaintext to the system audit logs. An attacker with local access to these logs (audit logs on the host server, visible only to privileged users) could retr...

7.1CVSS5.5AI score0.00148EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/02 9:41 p.m.3 views

CVE-2025-12679 Plain text pbe key visible in audit log during Brocade SANnav migration from 2.4.0a to 3.0.0

A vulnerability in Brocade SANnav before 2.4.0b prints the Password-Based Encryption PBE key in plaintext in the system audit log file. The vulnerability could allow a remote authenticated attacker with access to the audit logs to access the pbe key. Note: The vulnerability is only triggered duri...

7.1CVSS5.5AI score0.00148EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/02/02 2:43 p.m.3 views

openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

A flaw was found in the OpenSSL CMS implementation RFC 3211 KEK Unwrap. This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption PWRI...

7.5CVSS6AI score0.01744EPSS
Exploits0References4
OSV
OSV
added 2026/02/02 1:54 p.m.12 views

CLSA-2026-1770040438 kernel: Fix of 14 CVEs

efivarfs: Fix slab-out-of-bounds in efivarfsdcompare CVE-2025-39817 - scsi: ses: Fix possible descptr out-of-bounds accesses CVE-2023-53675 - ipv6: Fix out-of-bounds access in ipv6findtlv CVE-2023-53705 - libceph: fix potential use-after-free in havemonandosdmap CVE-2025-68285 - scsi: lpfc: Fix...

7.8CVSS6AI score0.00224EPSS
Exploits0References1
OSV
OSV
added 2026/02/02 10:39 a.m.12 views

CLSA-2026-1770028764 kernel: Fix of 14 CVEs

efivarfs: Fix slab-out-of-bounds in efivarfsdcompare CVE-2025-39817 - scsi: ses: Fix possible descptr out-of-bounds accesses CVE-2023-53675 - ipv6: Fix out-of-bounds access in ipv6findtlv CVE-2023-53705 - libceph: fix potential use-after-free in havemonandosdmap CVE-2025-68285 - scsi: lpfc: Fix...

7.8CVSS6.8AI score0.00224EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.5 views

PT-2026-5700

Name of the Vulnerable Software and Affected Versions IBM Concert versions 1.0.0 through 2.1.0 Description IBM Concert utilizes cryptographic algorithms that are not sufficiently robust, potentially enabling an attacker to decrypt sensitive information. Recommendations Update to a version later...

7.5CVSS5.4AI score0.00203EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.8 views

PT-2026-5694

A vulnerability in Brocade SANnav before 2.4.0b prints the Password-Based Encryption PBE key in plaintext in the system audit log file. The vulnerability could allow a remote authenticated attacker with access to the audit logs to access the pbe key. Note: The vulnerability is only triggered duri...

7.1CVSS5.5AI score0.00148EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.8 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. There are security vulnerabilities in Qualcomm Chipsets, which arise when incorrect inputs provided by HLOS trigger trusted zones that contain exploits, potentially leading to encryption-related issues...

7.8CVSS5.8AI score0.00092EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.8 views

Brocade SANnav 安全漏洞

Brocade SANnav is a storage area network management software developed by the American company Brocade. Versions of Brocade SANnav prior to 2.4.0b contained security vulnerabilities. These vulnerabilities stemmed from printing password-based encryption keys in plain text within the system audit l...

7.1CVSS5.8AI score0.00148EPSS
Exploits0References1
OSV
OSV
added 2026/01/31 8:43 a.m.4 views

BIT-GOLANG-2025-61730 Handshake messages may be processed at the incorrect encryption level in crypto/tls

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

5.3CVSS7.2AI score0.00276EPSS
Exploits0References5
Rows per page
Query Builder