Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2012-5639

Malware in sbrugna...

4.3CVSS6.4AI score0.01348EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/05/23 5:51 a.m.6 views

CVE-2023-22746

CKAN is an open-source DMS data management system for powering data hubs and data portals. When creating a new container based on one of the Docker images listed below, the same secret key was being used by default. If the users didn't set a custom value via environment variables in the .env file...

8.6CVSS7AI score0.00693EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/23 12:0 a.m.8 views

PT-2025-1744 · Ecovacs · Ecovacs Vacuums +1

Name of the Vulnerable Software and Affected Versions: ECOVACS robot lawn mowers and vacuums affected versions not specified Description: The issue concerns the use of a shared, static secret key to encrypt BLE GATT messages in ECOVACS robots. This allows an unauthenticated attacker within BLE...

6.3CVSS7AI score0.00321EPSS
Exploits1References6
OSV
OSV
added 2023/02/03 9:7 p.m.41 views

CVE-2023-22746 CKAN is vulnerable to session secret shared across instances using Docker images

CKAN is an open-source DMS data management system for powering data hubs and data portals. When creating a new container based on one of the Docker images listed below, the same secret key was being used by default. If the users didn't set a custom value via environment variables in the .env file...

8.6CVSS7.5AI score0.00693EPSS
Exploits0References5
CNVD
CNVD
added 2016/07/01 12:0 a.m.6 views

MileSight camera default private key certificate vulnerability

MileSight camera is a network camera produced by Xiamen PulseVision Digital Technology Co. MileSight camera suffers from a default private key certificate vulnerability. Since all cameras share the same secret key, an attacker can exploit the vulnerability to launch a man-in-the-middle attack whe...

6.8AI score
Exploits0
NVD
NVD
added 2012/11/23 12:9 p.m.15 views

CVE-2012-5756

The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2, when a collective configuration is enabled, has a single secret key that is shared across different customers' installations, which allows remote attackers to spoof a container server by 1 sniffing the...

4.3CVSS6.5AI score0.01348EPSS
Exploits0References7
Prion
Prion
added 2012/06/20 5:55 p.m.27 views

Design/Logic Flaw

The Diffie-Hellman key-exchange implementation in dhm.c in PolarSSL before 0.14.2 does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obtain the shared secret key by modifying network traffic, a related issue to CVE-2011-5095...

4CVSS6.5AI score0.02088EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder