Lucene search
K

24 matches found

Packet Storm News
Packet Storm News
added 2026/01/27 12:0 a.m.5 views

SSH Key Persistence

This Metasploit module will add an SSH key to a specified user or all, to allow remote login via SSH at any time. No payload is required for this module to work. If an SSH key is not provided, a new 4096 bit RSA keypair will be generated. The private key will be stored as loot for later use...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/07 9:15 a.m.8 views

CVE-2019-7593

Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a shared RSA key pair for certain encryption operations involving the Site Management Portal SMP...

9.1CVSS6.8AI score0.0082EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-17131

Malware in sbrugna...

9.1CVSS8AI score0.0082EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-45874

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00199EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-35354

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00344EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:29 a.m.8 views

CVE-2024-35537

TVS Motor Company Limited TVS Connect Android v4.6.0 and IOS v5.0.0 was discovered to insecurely handle the RSA key pair, allowing attackers to possibly access sensitive information via decryption...

7.5CVSS6.9AI score0.00344EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 12:48 a.m.7 views

CVE-2022-48625

Yealink Config Encrypt Tool add RSA before 1.2 has a built-in RSA key pair, and thus there is a risk of decryption by an adversary...

7.5CVSS7AI score0.00444EPSS
Exploits0References1
CVE
CVE
added 2024/06/21 12:0 a.m.53 views

CVE-2024-35537

CVE-2024-35537 affects TVS Motor Company Limited TVS Connect on Android v4.6.0 and iOS v5.0.0. The root cause is insecure handling of the RSA key pair, which could allow an attacker to decrypt and access sensitive information. Publicly available documents consistently describe the issue as improp...

7.5CVSS6.9AI score0.00344EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/02/20 12:15 a.m.6 views

CVE-2022-48625

Yealink Config Encrypt Tool add RSA before 1.2 has a built-in RSA key pair, and thus there is a risk of decryption by an adversary...

7.5CVSS5.8AI score0.00444EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/19 12:0 a.m.16 views

CVE-2022-48625

Yealink Config Encrypt Tool add RSA before 1.2 has a built-in RSA key pair, and thus there is a risk of decryption by an adversary...

6.8AI score0.00444EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/19 12:0 a.m.18 views

CVE-2022-48625

Yealink Config Encrypt Tool add RSA before 1.2 has a built-in RSA key pair, and thus there is a risk of decryption by an adversary...

7AI score0.00444EPSS
Exploits0References1
Prion
Prion
added 2023/10/25 6:17 p.m.23 views

Hardcoded credentials

The vulnerability allows an unprivileged untrusted third- party application to arbitrary modify the server settings of the Android Client application, inducing it to connect to an attacker - controlled malicious server.This is possible by forging a valid broadcast intent encrypted with a hardcode...

4.3CVSS7.4AI score0.00199EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/25 2:13 p.m.17 views

CVE-2023-41372

The vulnerability allows an unprivileged untrusted third- party application to arbitrary modify the server settings of the Android Client application, inducing it to connect to an attacker - controlled malicious server.This is possible by forging a valid broadcast intent encrypted with a hardcode...

7.8CVSS6.8AI score0.00199EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/03/31 12:0 a.m.21 views

Cisco Adaptive Security Appliance Software Low Entropy Keys (cisco-sa-asa5500x-entropy-6v9bHVYP)

A vulnerability in the deterministic random bit generator DRBG, also known as pseudorandom number generator PRNG in Cisco Adaptive Security Appliance ASA Software for Cisco ASA 5506-X, ASA-5508-X and ASA 5516-X Firewalls could allow an unauthenticated, remote attacker to cause a cryptographic...

7.5CVSS5.7AI score0.00717EPSS
Exploits0References3
NVD
NVD
added 2022/09/20 2:15 a.m.13 views

CVE-2022-34746

An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was found in Zyxel GS1900 series firmware versions prior to V2.70. This vulnerability could allow an unauthenticated attacker to retrieve a private key by factoring...

5.9CVSS0.0032EPSS
Exploits0References1
Prion
Prion
added 2019/08/20 7:15 p.m.16 views

Code injection

Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a shared RSA key pair for certain encryption operations involving the Site Management Portal SMP...

6.4CVSS9.1AI score0.0082EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/08/20 6:22 p.m.21 views

CVE-2019-7593 Metasys use of shared RSA key pairs

Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a shared RSA key pair for certain encryption operations involving the Site Management Portal SMP...

6.8CVSS9.2AI score0.0082EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2018/10/16 5:44 p.m.80 views

Bouncy Castle has a flaw in the Low-level interface to RSA key pair generator

Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 bet...

7.5CVSS3.7AI score0.03592EPSS
Exploits0References23Affected Software3
Tenable Nessus
Tenable Nessus
added 2018/08/21 12:0 a.m.58 views

RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.1.4 on RHEL 6 (RHSA-2018:2423)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2423 advisory. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red...

8.1CVSS7.1AI score0.10394EPSS
Exploits3References15
FreeBSD
FreeBSD
added 2018/06/30 12:0 a.m.52 views

Several Security Defects in the Bouncy Castle Crypto APIs

The Legion of the Bouncy Castle reports: Release 1.60 is now available for download. CVE-2018-1000180: issue around primality tests for RSA key pair generation if done using only the low-level API. CVE-2018-1000613: lack of class checking in deserialization of XMSS/XMSS^MT private keys with BDS...

9.8CVSS4.1AI score0.04767EPSS
Exploits0References1
Rows per page
Query Builder