Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 12:9 a.m.11 views

CVE-2026-8881

Version 3.0.7 of the Securly Chrome Extension uses EVPBytesToKey key derivation with MD5 and a single iteration for AES encryption. MD5 has been broken since 2004 and a single iteration provides no key stretching...

7.5CVSS5.7AI score0.00163EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 6:13 p.m.7 views

CVE-2026-8881

Version 3.0.7 of the Securly Chrome Extension uses EVPBytesToKey key derivation with MD5 and a single iteration for AES encryption. MD5 has been broken since 2004 and a single iteration provides no key stretching...

5.7AI score0.00163EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/03 6:13 p.m.9 views

CVE-2026-8881 CVE-2026-8881

Version 3.0.7 of the Securly Chrome Extension uses EVPBytesToKey key derivation with MD5 and a single iteration for AES encryption. MD5 has been broken since 2004 and a single iteration provides no key stretching...

5.7AI score0.00163EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/03 6:13 p.m.38 views

CVE-2026-8881 CVE-2026-8881

Version 3.0.7 of the Securly Chrome Extension uses EVPBytesToKey key derivation with MD5 and a single iteration for AES encryption. MD5 has been broken since 2004 and a single iteration provides no key stretching...

0.00163EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/04/15 6:15 a.m.3 views

CVE-2025-3576

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This ma...

5.9CVSS6.7AI score0.00331EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2024/07/30 8:52 a.m.7 views

freeradius: forgery attack

A vulnerability in the RADIUS Remote Authentication Dial-In User Service protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...

9CVSS7.2AI score0.14859EPSS
Exploits2References10
Rows per page
Query Builder