CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

RedhatCVE•added 2026/02/20 7:39 p.m.•2 views

CVE-2026-25998

strongMan is a management interface for strongSwan, an OpenSource IPsec-based VPN. When storing credentials in the database private keys, EAP secrets, strongMan encrypts the corresponding database fields. So far it used AES in CTR mode with a global database key. Together with an initialization...

8.7CVSS5.7AI score0.00028EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-30916

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00027EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 5:6 p.m.•6 views

CVE-2020-11500

Zoom Client for Meetings through 4.6.9 uses the ECB mode of AES for video and audio encryption. Within a meeting, all participants use a single 128-bit key...

7.5CVSS7AI score0.00135EPSS

Exploits1References1

OSV•added 2025/02/10 6:15 p.m.•2 views

UBUNTU-CVE-2025-25188

Hickory DNS is a Rust based DNS client, server, and resolver. A vulnerability present starting in version 0.8.0 and prior to versions 0.24.3 and 0.25.0-alpha.5 impacts Hickory DNS users relying on DNSSEC verification in the client library, stub resolver, or recursive resolver. The DNSSEC validati...

7.1CVSS5.8AI score0.00079EPSS

Exploits0References3

CNNVD•added 2025/02/03 12:0 a.m.•1 views

AMD SEV-SNP 安全漏洞

AMD SEV-SNP is a secure encrypted virtualization firmware from UltraMicroelectronics AMD. A single key is used to encrypt system memory. A security vulnerability exists in AMD SEV-SNP that stems from incorrect signature verification...

7.2CVSS7.3AI score0.001EPSS

Exploits0References3

CNNVD•added 2024/02/13 12:0 a.m.•3 views

AMD SEV-SNP Security Vulnerability

AMD SEV-SNP is a secure encrypted virtualization firmware from UltraMicroelectronics AMD. A single key is used to encrypt system memory. AMD SEV-SNP has a security vulnerability that stems from a code error...

4.9CVSS7.1AI score0.00046EPSS

Exploits0References2

Positive Technologies•added 2022/05/27 12:0 a.m.•2 views

PT-2022-3953 · Document Foundation +8 · Libreoffice +8

Name of the Vulnerable Software and Affected Versions: LibreOffice versions prior to 7.2.7 LibreOffice versions prior to 7.3.1 Description: The issue is related to insufficiently strong encryption of data in the user configuration database of LibreOffice. This weakness can be exploited by a remot...

8.8CVSS6.6AI score0.01322EPSS

Exploits0References77

Prion•added 2020/10/19 1:15 p.m.•22 views

Design/Logic Flaw

A mis-handling of invalid unicode characters in the Java implementation of Tink versions prior to 1.5 allows an attacker to change the ID part of a ciphertext, which result in the creation of a second ciphertext that can decrypt to the same plaintext. This can be a problem with encrypting...

5CVSS5.1AI score0.00081EPSS

Exploits0References2Affected Software1

RedHat Linux•added 2020/05/11 8:12 p.m.•1 views

cxf: OpenId Connect token service does not properly validate the clientId

Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore JKS/PKCS12 by specifing the...

7.5CVSS7.3AI score0.01164EPSS

Exploits0References4

OSV•added 2020/04/03 1:15 p.m.•0 views

CVE-2020-11500

Zoom Client for Meetings through 4.6.9 uses the ECB mode of AES for video and audio encryption. Within a meeting, all participants use a single 128-bit key...

7.5CVSS7.3AI score0.00135EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by