19 matches found
EUVD-2016-0179
Malware in sbrugna...
EUVD-2018-2038
Malware in sbrugna...
EUVD-2018-19235
Malware in sbrugna...
EUVD-2025-8020
Malicious code in bioql PyPI...
EUVD-2025-2883
Malicious code in bioql PyPI...
CVE-2025-6224
Certificate generation in juju/utils using the cert.NewLeaf function could include private information. If this certificate were then transferred over the network in plaintext, an attacker listening on that network could sniff the certificate and trivially extract the private key from it...
CVE-2022-45195
SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation function to intended data, which can interfere with forward secrecy and can have other impacts if there is a compromise of a single private key. This occurs in the X3DH key exchange for the double ratchet...
CVE-2018-16158
Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins to uid 0 via the PubkeyAuthentication...
CVE-2025-29311
Limited secret space in LLDP packets used in onos v2.7.0 allows attackers to obtain the private key via a bruteforce attack. Attackers are able to leverage this vulnerability into creating crafted LLDP packets...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2025-1276)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-22609
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to attach any existing private key on a coolify instance to his own server. If the server configuration of I...
CVE-2022-38465
A vulnerability has been identified in SIMATIC Drive Controller family All versions V2.9.2, SIMATIC ET 200SP Open Controller CPU 1515SP PC incl. SIPLUS variants All versions, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 incl. SIPLUS variants All versions V21.9, SIMATIC S7-1200 CPU family incl...
CVE-2020-29383
An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. A hardcoded RSA private key specific to V1600D4L and V1600D-MINI is contained in the firmware images...
CVE-2018-16546
Amcrest networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation, as demonstrated by...
CVE-2016-0705
Double free vulnerability in the dsaprivdecode function in crypto/dsa/dsaameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a malformed DSA private key...
CVE-2014-3209
The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file...
CVE-2011-1647
The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the private key for the admin SSL certificate via unspecified...
Mandrake Linux Security Advisory : gnupg (MDKSA-2001:045)
GnuPG version 1.0.5 has been released that fixes a few security problems, including a vulnerability that makes it easier for an attacker to recover your private key if they are able to steal your keyring. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks...
Important: Red Hat Security Advisory: : Updated gnupg packages disable ElGamal keys
Updated gnupg packages are now available for Red Hat Linux. These updates disable the ability to generate ElGamal keys used for both signing and encrypting and disable the ability to use ElGamal public keys for encrypting data. GnuPG is a utility for encrypting data and creating digital signature...