Lucene search
K

13 matches found

Cvelist
Cvelist
added 2026/06/25 12:0 a.m.21 views

CVE-2026-37454

Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the 3DES-ECB encryption...

0.00262EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.11 views

PT-2026-52568

Name of the Vulnerable Software and Affected Versions MSI NBFoundation Service version 2.0.2506.1201 Description Insecure permissions allow a remote attacker to obtain sensitive information by exploiting the 3DES-ECB encryption method. 3DES-ECB Triple Data Encryption Standard in Electronic Codebo...

7.5CVSS5.8AI score0.00262EPSS
Exploits1References4
OSV
OSV
added 2026/05/18 8:16 a.m.7 views

SUSE-SU-2026:1970-1 Security update for php-composer2

This update for php-composer2 fixes the following issues - CVE-2026-40176: command injection via malicious Perforce repository definition bsc1262254. - CVE-2026-40261: command injection via malicious Perforce source reference/url bsc1262255. Changes for php-composer2: - version update to 2.2.27...

8.8CVSS6.6AI score0.03282EPSS
Exploits4References11
Fedora
Fedora
added 2026/03/28 12:46 a.m.10 views

[SECURITY] Fedora 43 Update: php-phpseclib-2.0.52-1.fc43

MIT-licensed pure-PHP implementations of an arbitrary-precision integer arithmetic library, fully PKCS1 v2.1 compliant RSA, DES, 3DES, RC4, Rijndael, AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509...

8.2CVSS5.8AI score0.00374EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/07/29 12:0 a.m.8 views

The vulnerability of the build-ca command in the Easy-RSA certificate management tool allows a attacker to execute a brute-force attack.

The vulnerability of the build-ca command in the Easy-RSA certificate management tool is related to insufficient data encryption due to the use of the cipher:des-ede3-cbc algorithm. Exploiting this vulnerability allows an attacker to execute a brute-force attack...

5.3CVSS6AI score0.00081EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2025/05/28 2:41 p.m.3 views

USN-7542-1 krb5 vulnerability

It was discovered that Kerberos allowed the usage of weak cryptographic standards. An attacker could possibly use this issue to expose sensitive information. This update introduces the allowrc4 and allowdes3 configuration options, and disables the usage of RC4 and 3DES ciphers by default. Users a...

5.9CVSS6.9AI score0.00308EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/05 12:0 a.m.5 views

Best Practical Solutions Request Tracker 加密问题漏洞

Best Practical Solutions Request Tracker is an open source, enterprise-grade work order tracking system for customer service, IT service management and business process tracking from Best Practical Solutions. An encryption issue vulnerability exists in Best Practical Solutions Request Tracker...

2.3CVSS6.5AI score0.0016EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:16 a.m.4 views

SUSE CVE-2005-3671

The Internet Key Exchange version 1 IKEv1 implementation in Openswan 2 openswan-2 before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.041.5.4-1.23, allow remote attackers to cause a denial of service via 1 a crafted packet using 3DES with an invalid key length, or 2 unspecified inputs when...

7.8CVSS6.8AI score0.07453EPSS
Exploits1References4
Hacker One
Hacker One
added 2020/06/29 6:25 a.m.7 views

Hiro: blockstack.org - is vulnerable to (CVE-2016-2183, CVE-2016-6329)

Descriptions Cryptographic protocols like TLS, SSH, IPsec, and OpenVPN commonly use block cipher algorithms, such as AES, Triple-DES, and Blowfish, to encrypt data between clients and servers. To use such algorithms, the data is broken into fixed-length chunks, called blocks, and each block is...

7.5CVSS7.5AI score0.95707EPSS
Exploits7
OSV
OSV
added 2019/09/16 5:15 p.m.5 views

CVE-2019-13140

Inteno EG200 EG200-WU7P1UADAMO3.16.4-1902261650 routers have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisioning file provided by Adamo Telecom on a public URL via cleartext HTTP...

6.5CVSS6.7AI score0.02035EPSS
Exploits5References4
ATTACKERKB
ATTACKERKB
added 2019/09/16 5:15 p.m.2 views

CVE-2019-13140

Inteno EG200 EG200-WU7P1UADAMO3.16.4-1902261650 routers have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisioning file provided by Adamo Telecom on a public URL via cleartext HTTP...

6.5CVSS5.7AI score0.02035EPSS
Exploits5References5
RedHat Linux
RedHat Linux
added 2017/11/02 7:4 p.m.16 views

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...

7.5CVSS6.8AI score0.95707EPSS
Exploits7References7
RedHat Linux
RedHat Linux
added 2017/09/13 4:37 p.m.5 views

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...

7.5CVSS6.8AI score0.95707EPSS
Exploits7References7
Rows per page
Query Builder