Lucene search
K

6 matches found

OSV
OSV
added 2026/06/09 5:17 p.m.5 views

ALPINE-CVE-2026-42768

Issue summary: The CMSdecrypt and PKCS7decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provide the CMS or S/MIME messages and observe the error code and/or decryption output. Impact summary: The Bleichenbacher-style attack allows an attacker to use the...

3.7CVSS5.5AI score0.0035EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/30 8:56 p.m.17 views

CVE-2025-34215

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1026 and Application prior to version 20.0.2702 only VA deployments expose an unauthenticated firmware-upload flow: a public page returns a signed token usable at va-api/v1/update, and every Docker image contains the...

9.4CVSS8.3AI score0.0106EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/09/29 8:43 p.m.9 views

CVE-2025-34215 Vasion Print (formerly PrinterLogic) Unauthenticated Firmware Update Endpoint RCE

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1026 and Application prior to version 20.0.2702 only VA deployments expose an unauthenticated firmware-upload flow: a public page returns a signed token usable at va-api/v1/update, and every Docker image contains the...

9.4CVSS0.0106EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/09/29 8:43 p.m.5 views

CVE-2025-34215 Vasion Print (formerly PrinterLogic) Unauthenticated Firmware Update Endpoint RCE

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1026 and Application prior to version 20.0.2702 only VA deployments expose an unauthenticated firmware-upload flow: a public page returns a signed token usable at va-api/v1/update, and every Docker image contains the...

9.4CVSS7.6AI score0.0106EPSS
Exploits1References4
NVD
NVD
added 2024/03/05 6:15 a.m.37 views

CVE-2023-42419

Maintenance Server, in Cybellum's QCOW air-gapped distribution China Edition, versions 2.15.5 through 2.27, was compiled with a hard-coded private cryptographic key. An attacker with administrative privileges & access to the air-gapped server could potentially use this key to run commands on the...

3.8CVSS4.3AI score0.00139EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.31 views

SpiderSales 2.0 Shopping Cart Multiple Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/9799/info Multiple vulnerabilities have been identified in the application that may allow an attacker to obtain the private cryptographic key and gain access to sensitive information. The application is also reported pron...

7.1AI score
Exploits0
Rows per page
Query Builder