Lucene search
K

185 matches found

OSV
OSV
added 2021/05/28 12:15 p.m.4 views

CVE-2021-21734

Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login authority can obtain it by inputing command. This affects: ZTE PON MDU device ZXA10 F821 V1.7.0P3T22, ZXA10 F822 V1.4.3T6, ZXA10 F819 V1.2.1T5, ZXA10 F832 V1.1.1T7, ZXA10 F839 V1.1.0T8, ZXA10 F809 V3.2.1T1...

6.5CVSS6.6AI score0.00512EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/05/28 12:0 a.m.5 views

ZTE PON MDU 加密问题漏洞

ZTE PON MDU is a China ZTE ZTE company's main application for the connection between network backbone switches, as well as network aggregation layer switches access to the network backbone switch core switch. An encryption issue vulnerability exists in ZTE PON MDUs. The vulnerability originates...

6.5CVSS6.5AI score0.00512EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/04/29 12:0 a.m.5 views

GitLab 信息泄露漏洞

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in Gitlab version 11.6 an...

6.8CVSS5.8AI score0.01035EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/02/11 12:0 a.m.8 views

Oclean Mobile Application Encryption Issue Vulnerability

An encryption issue vulnerability exists in Oclean Mobile Application, which arises from a network system or product that does not properly use the relevant cryptographic algorithms, resulting in content that is not properly encrypted, weakly encrypted, and sensitive information stored in plainte...

7.5CVSS7.1AI score0.01066EPSS
Exploits1References3
CNVD
CNVD
added 2020/07/02 12:0 a.m.4 views

bcrypt encryption problem vulnerability

bcrypt is a library used in Node.js for encrypting passwords. An encryption issue vulnerability exists in versions of bcrypt prior to 5.0.0. The vulnerability stems from a networked system or product that does not properly use the relevant cryptographic algorithm, resulting in content that is not...

7.5CVSS6.8AI score0.00785EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/04 12:0 a.m.3 views

D-Link DIR-865L Information Disclosure Vulnerability (CNVD-2020-33169)

The D-Link DIR-865L is a wireless router from AUO D-Link of Taiwan, China. An information disclosure vulnerability exists in D-Link DIR-865L Ax version 1.20B01 Beta, which originates from the program storing sensitive information in plaintext form. An attacker can exploit this vulnerability to...

7.5CVSS6.3AI score0.00904EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/07 12:0 a.m.3 views

GnuTLS Encryption Problem Vulnerability

GnuTLS is a free secure communication library for implementing SSL, TLS and DTLS protocols. An encryption issue vulnerability exists in versions prior to GnuTLS 3.6.13. The vulnerability stems from a network system or product that does not properly use the relevant cryptographic algorithms,...

7.4CVSS9.1AI score0.03388EPSS
Exploits0
CNVD
CNVD
added 2020/03/31 12:0 a.m.2 views

Unisoon UltraLog Express Sensitive Data Disclosure Vulnerability

Unisoon UltraLog Express is a telephone recording system from Unisoon, Taiwan, China. A security vulnerability exists in Unisoon UltraLog Express, which is caused by the management software storing user information in plaintext. The vulnerability can be exploited by an attacker to gain access to...

8.6CVSS6.8AI score0.00706EPSS
Exploits0References1
CNVD
CNVD
added 2020/03/26 12:0 a.m.3 views

It-novum OpenITCOCKPIT Encryption Issues Vulnerability

It-novum OpenITCOCKPIT is a set of open source system monitoring tools from Germany's It-novum. An encryption issue vulnerability exists in It-novum openITCOCKPIT versions prior to 3.7.3. The vulnerability stems from a network system or product that does not properly use the relevant cryptographi...

9.1CVSS6.5AI score0.0156EPSS
Exploits0
Exploit DB
Exploit DB
added 2020/03/18 12:0 a.m.260 views

Broadcom Wi-Fi Devices - 'KR00K Information Disclosure

Kr00ker Experimetal KR00K PoC in python3 using scapy Description: This script is a simple experiment to exploit the KR00K vulnerability CVE-2019-15126, that allows to decrypt some WPA2 CCMP data in vulnerable devices. More specifically this script attempts to retrieve Plaintext Data of WPA2 CCMP...

3.1CVSS6.2AI score0.07709EPSS
Exploits7
CNVD
CNVD
added 2020/02/14 12:0 a.m.3 views

Opencast Encryption Issues Vulnerabilities

Opencast is a free and open source video management solution that is scalable, customizable and low cost. An encryption issue vulnerability exists in Opencast versions prior to 8.1 and prior to 7.6. The vulnerability stems from a network system or product that does not properly use the relevant...

8.1CVSS6.5AI score0.00626EPSS
Exploits0References1
CNVD
CNVD
added 2020/02/12 12:0 a.m.1 views

IBM Security Secret Server Encryption Issue Vulnerability

IBM Security Secret Server is a set of privileged access management solutions from IBM USA. The product supports password management, privileged account identification and privileged session access monitoring and logging. An encryption issue vulnerability exists in IBM Security Secret Server. The...

7.5CVSS9.3AI score0.00792EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/17 12:0 a.m.3 views

STMicroelectronics ST33TPHF2ESPI TPM Encryption Issue Vulnerability

The STMicroelectronics ST33TPHF2ESPI TPM is a Trusted Computing Platform Module from STMicroelectronics, Switzerland. A cryptographic issue vulnerability exists in versions of the STMicroelectronics ST33TPHF2ESPI TPM prior to 2019-09-12. The vulnerability stems from a networked system or product...

5.9CVSS6.5AI score0.03279EPSS
Exploits0References1
CNVD
CNVD
added 2019/11/11 12:0 a.m.1 views

Fortinet FortiClient Information Disclosure Vulnerability

Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. An information disclosure vulnerability exists in Fortin...

5.5CVSS6.1AI score0.00195EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/08 12:0 a.m.2 views

cPanel Information Disclosure Vulnerability (CNVD-2019-28990)

cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. An encryption issue vulnerability exists in versions of cPanel prior to 60.0.25. The vulnerability stems from a network...

7.5CVSS6.5AI score0.01111EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/06 12:0 a.m.4 views

Magento encryption issue vulnerability (CNVD-2019-40840)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions . An encryption issue vulnerability exists in Magento version 2.1 before 2.1.18, version 2.2 before 2.2.9, and...

7.5CVSS6.6AI score0.00738EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/03 12:0 a.m.1 views

Magento encryption issue vulnerability (CNVD-2019-40837)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions . An encryption issue vulnerability exists in Magento Open Source versions prior to 1.9.4.2 and Magento Commerce...

6.5AI score
Exploits0References1
CNVD
CNVD
added 2019/05/30 12:0 a.m.2 views

IBM InfoSphere Information Server on Cloud and IBM Watson Knowledge Catalog Encryption Issue Vulnerability

IBM InfoSphere Information Server on Cloud and IBM Watson Knowledge Catalog are both products of IBM Corporation, U.S.A. IBM InfoSphere Information Server on Cloud is a set of cloud-based data integration platform.IBM Watson Knowledge Catalog is a unified data catalog system. Watson Knowledge...

6.2CVSS6.7AI score0.00211EPSS
Exploits0References1
CNVD
CNVD
added 2019/05/07 12:0 a.m.3 views

Orpak SitOmat Encryption Error Vulnerability

Orpak SitOmat is a remote takeover refueling system from Orpak India. A cryptographic error vulnerability exists in Orpak SitOmat that originates when the program passes sensitive information in plaintext, which can be exploited by an attacker to obtain credentials and bypass authentication...

9.8CVSS6.8AI score0.01005EPSS
Exploits0References1
CNVD
CNVD
added 2019/05/06 12:0 a.m.3 views

ABUS Secvest Encryption Issues Vulnerabilities

ABUS Secvest FUAA50000 is a wireless remote control from ABUS Germany. An encryption issue vulnerability exists in the ABUS Secvest FUAA50000 using firmware version 3.01.01. The vulnerability stems from a networked system or product that does not properly use the relevant cryptographic algorithms...

8.1CVSS6.7AI score0.01592EPSS
Exploits1References1
Rows per page
Query Builder