Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2021/11/24 1:15 a.m.1 views

CVE-2021-42306

An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential on an Azure AD Application or Service Principal which is not recommended. This vulnerability allows a user or service in the...

8.1CVSS6.7AI score0.08244EPSS
Exploits0References1
Prion
Prionadded 2021/11/24 1:15 a.m.20 views

Information disclosure

An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential? on an Azure AD Application or Service Principal which is not recommended. This vulnerability allows a user or service in the...

4CVSS7.6AI score0.08244EPSS
Exploits0References1Affected Software4
MSRC
MSRCadded 2021/11/17 8:0 a.m.21 views

Guidance for Azure Active Directory (AD) keyCredential property Information Disclosure in Application and Service Principal APIs

Microsoft recently mitigated an information disclosure issue, CVE-2021-42306, to prevent private key data from being stored by some Azure services in the keyCredentialsproperty of an Azure Active Directory Azure AD Applicationand/or Service Principal, and prevent reading of private key data...

8.1CVSS6.5AI score0.08244EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2021/11/17 12:0 a.m.3 views

PT-2021-4858 · Microsoft · Azure Site Recovery +3

Name of the Vulnerable Software and Affected Versions: Azure Active Directory AAD affected versions not specified Azure Automation affected versions not specified Azure Site Recovery affected versions not specified Azure Migrate affected versions not specified Description: The issue is related to...

10CVSS7.2AI score0.08244EPSS
Exploits0References9
CNVD
CNVDadded 2021/08/03 12:0 a.m.17 views

ARM Mbed TLS Trust Management Issue Vulnerability

ARM mbed TLS is a product from ARM UK that provides secure communication and encryption capabilities for mbed products. A security vulnerability exists in ARM Mbed TLS versions prior to 2.24.0, which can be exploited by remote attackers to recover private key data...

4.7CVSS4.9AI score0.00131EPSS
Exploits0References1
OSV
OSVadded 2017/01/05 2:59 a.m.2 views

ALPINE-CVE-2016-10011

authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process...

5.5CVSS6.4AI score0.00015EPSS
Exploits1References1
OSV
OSVadded 2016/03/13 6:59 p.m.1 views

DEBIAN-CVE-2016-1979

Use-after-free vulnerability in the PK11ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services NSS before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted key data...

8.8CVSS9.1AI score0.00707EPSS
Exploits0References1
securityvulns
securityvulnsadded 2012/12/03 12:0 a.m.63 views

Safend Data Protector Multiple Vulnerabilities

Safend Data Protector Multiple Vulnerabilities Client software 3.4.5586.9772: Advisory Link: http://www.reactionpenetrationtesting.co.uk/safend-private-key-log-file.html Details CVE number: CVE-2012-4767 The private key data is in the securitylayer.log file in a directory called "logs.9772". This...

0.8AI score0.00101EPSS
Exploits3
Rows per page
Query Builder