Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2025/06/23 8:39 a.m.7 views

CVE-2025-52464

Meshtastic is an open source mesh networking solution. In versions from 2.5.0 to before 2.6.11, the flashing procedure of several hardware vendors was resulting in duplicated public/private keys. Additionally, the Meshtastic was failing to properly initialize the internal randomness pool on some...

9.5CVSS7AI score0.00409EPSS
Exploits0References1
CVE
CVE
added 2025/06/19 3:10 p.m.80 views

CVE-2025-52464

Meshtastic versions 2.5.0–2.6.10 expose a vulnerability where flashing procedures can duplicate public/private keys and the RNG may have low entropy, allowing an attacker to decrypt Direct Messages after collecting compromised keys. This is caused by key generation timing and insufficient randomn...

9.5CVSS6.3AI score0.00409EPSS
Exploits0References5Affected Software1
The Hacker News
The Hacker News
added 2024/09/13 11:17 a.m.17 views

Say Goodbye to Phishing: Must-Haves to Eliminate Credential Theft

Even as cyber threats become increasingly sophisticated, the number one attack vector for unauthorized access remains phished credentials Verizon DBIR, 2024. Solving this problem resolves over 80% of your corporate risk, and a solution is possible. However, most tools available on the market toda...

7.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/09/15 5:17 p.m.17 views

What are SSL certificates?

Secure Sockets Layer SSL certificates are what cause your browser to display a padlock icon, indicating that your connection to a websites is secure. Although the padlock may soon be hidden from view, certificates arent going anywhere. Lets start with some definitions and explain some of the...

6.4AI score
Exploits0
Metasploit
Metasploit
added 2018/08/31 10:55 p.m.71 views

Eaton Xpert Meter SSH Private Key Exposure Scanner

Eaton Power Xpert Meters running firmware below version 12.x.x.x or below version 13.3.x.x ship with a public/private key pair that facilitate remote administrative access to the devices. Tested on: Firmware 12.1.9.1 and 13.3.2.10. This module requires Metasploit: https://metasploit.com/download...

9.8CVSS9.6AI score0.34929EPSS
Exploits3
0day.today
0day.today
added 2017/03/23 12:0 a.m.66 views

Ceragon FibeAir IP-10 - SSH Private Key Exposure Exploit

Exploit for linux platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'net/ssh' class MetasploitModule 'Ceragon FibeAir IP-10 SSH Private Key Exposure',...

7.5CVSS9.2AI score0.7809EPSS
Exploits10
Atlassian
Atlassian
added 2017/01/18 5:46 p.m.20 views

Generating SSH Keys is broken (using Bitbucket Server) -- ui and config file

Please watch my short video illustrating the experience. https://www.youtube.com/watch?v=wPUAkG78BFE&feature=youtu.be Scenario 1: On MacOS X Sierra when setting up SourceTree for first time and choosing "SSH" as the authentication method, SourceTree: Should not have a URL for the Bitbucket...

7.5AI score
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2014/03/20 12:0 a.m.26 views

Quantum DXi V1000 SSH Private Key Exposure

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'net/ssh' class Metasploit3 'Quantum DXi V1000 SSH Private Key Exposure', 'Description' = %q Quantum ships a public/private key pair on DXi V100...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2014/03/19 12:0 a.m.30 views

Loadbalancer.org Enterprise VA SSH Private Key Exposure

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'net/ssh' class Metasploit3 'Loadbalancer.org Enterprise VA SSH Private Key Exposure', 'Description' = %q Loadbalancer.org ships a public/privat...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2014/03/17 7:22 a.m.33 views

Loadbalancer.org Enterprise VA SSH Private Key Exposure

Loadbalancer.org ships a public/private key pair on Enterprise virtual appliances version 7.5.2 that allows passwordless authentication to any other LB Enterprise box. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as root. This module requires...

7.7AI score
Exploits0
Exploit DB
Exploit DB
added 2012/06/13 12:0 a.m.52 views

F5 BIG-IP - SSH Private Key Exposure (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'net/ssh' class Metasploit3 'F5 BIG-IP SSH Priva...

7.8CVSS9AI score0.63078EPSS
Exploits15
Packet Storm
Packet Storm
added 2012/06/12 12:0 a.m.43 views

F5 BIG-IP SSH Private Key Exposure

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'net/ssh' class Metasploit3 'F5 BIG-IP SSH Priva...

7.8CVSS8.5AI score0.63078EPSS
Exploits15
myhack58
myhack58
added 2009/04/26 12:0 a.m.29 views

Crack Windows encryption protection: EFS decryption through-vulnerability warning-the black bar safety net

EFSEncrypting File System, Encrypting File Systemencryption is based on the NTFS disk art encryption technology. EFS encryption is based on Public Key Policies. Using EFS to encrypt a file or folder, the system will first generate a pseudo-random number consisting of a FEKFile Encryption Key file...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2001/05/29 12:0 a.m.12 views

GNU Privacy Guard 1.0.x - Format String

GNU Privacy Guard 1.0.x - Format String source: https://www.securityfocus.com/bid/2797/info GnuPG is a popular open source public/private key encryption system. It is possible for attackers to create an encrypted document that will exploit a format string vulnerability in the GnuPG client when th...

7.4AI score
Exploits0
Rows per page
Query Builder