Lucene search
K

155 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-13235

Malicious code in bioql PyPI...

8.8CVSS6.3AI score0.0083EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-13262

Malicious code in bioql PyPI...

8.2CVSS6.5AI score0.00229EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-38106

Malicious code in bioql PyPI...

5.9CVSS6.1AI score0.00461EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/09/18 9:6 p.m.10 views

CVE-2025-54754 Cognex In-Sight Explorer and In-Sight Camera Firmware Use of Hard-coded Password

An attacker with adjacent access, without authentication, can exploit this vulnerability to retrieve a hard-coded password embedded in publicly available software. This password can then be used to decrypt sensitive network traffic, affecting the Cognex device...

8.6CVSS0.00228EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/18 9:6 p.m.5 views

CVE-2025-54754 Cognex In-Sight Explorer and In-Sight Camera Firmware Use of Hard-coded Password

An attacker with adjacent access, without authentication, can exploit this vulnerability to retrieve a hard-coded password embedded in publicly available software. This password can then be used to decrypt sensitive network traffic, affecting the Cognex device...

8.6CVSS6.6AI score0.00228EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/18 12:0 a.m.4 views

Cognex多款产品 安全漏洞

Cognex In-Sight Explorer and Cognex In-Sight Camera Firmware are both products of Cognex Corporation, U.S.A. Cognex In-Sight Explorer is a tool that has the ability to debug and program the software of its line of smart cameras.Cognex In-Sight Camera Firmware is firmware for a range of smart...

8.6CVSS6.5AI score0.00228EPSS
Exploits0References2
NVD
NVD
added 2025/09/16 1:16 p.m.6 views

CVE-2025-55112

Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions that are configured to use the non-default Blowfish cryptography algorithm use a hardcoded key. An attacker with access to network traffic and to this key could decrypt network traffic between th...

7.6CVSS0.00202EPSS
Exploits0References2
OSV
OSV
added 2025/09/16 1:16 p.m.6 views

CVE-2025-55112

Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions that are configured to use the non-default Blowfish cryptography algorithm use a hardcoded key. An attacker with access to network traffic and to this key could decrypt network traffic between th...

7.6CVSS5.8AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/16 12:19 p.m.3 views

CVE-2025-55112 BMC Control-M/Agent hardcoded Blowfish keys

Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions that are configured to use the non-default Blowfish cryptography algorithm use a hardcoded key. An attacker with access to network traffic and to this key could decrypt network traffic between th...

7.6CVSS6.4AI score0.00202EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/16 12:19 p.m.8 views

CVE-2025-55112 BMC Control-M/Agent hardcoded Blowfish keys

Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions that are configured to use the non-default Blowfish cryptography algorithm use a hardcoded key. An attacker with access to network traffic and to this key could decrypt network traffic between th...

7.6CVSS0.00202EPSS
Exploits0References2
CVE
CVE
added 2025/09/16 12:19 p.m.16 views

CVE-2025-55112

Control-M/Agent, versions 9.0.18–9.0.20 (out-of-support) configured to use a non-default Blowfish encryption implementation rely on a hardcoded key, enabling an attacker with access to network traffic and the key to decrypt traffic between the Control-M/Agent and the Server. Root cause: hardcoded...

7.6CVSS6.4AI score0.00202EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.5 views

PT-2025-37942

Name of the Vulnerable Software and Affected Versions: Control-M/Agent versions 9.0.18 through 9.0.20 Description: Out-of-support versions of Control-M/Agent configured to use the non-default Blowfish cryptography algorithm utilize a hardcoded key. An attacker with network access and knowledge of...

7.6CVSS6.2AI score0.00202EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/09/16 12:0 a.m.4 views

BMC Control-M 安全漏洞

BMC Control-M is an application from BMC, Inc. simplifies application and data workflow orchestration locally or as a service. A security vulnerability exists in BMC Control-M versions 9.0.18 through 9.0.20, which stems from the Blowfish encryption algorithm that uses a hard-coded key, and could...

7.6CVSS6.7AI score0.00202EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/11 1:23 p.m.17 views

CVE-2025-7970

A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. This could result in data exposure, session hijacking, or full communication compromise...

8.7CVSS6.7AI score0.00341EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 1:15 p.m.6 views

CVE-2025-7970

A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. This could result in data exposure, session hijacking, or full communication compromise...

8.7CVSS0.00341EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/09 12:46 p.m.3 views

CVE-2025-7970 Rockwell Automation FactoryTalk Activation Manager Lack of Encryption Vulnerability

A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. This could result in data exposure, session hijacking, or full communication compromise...

8.7CVSS6.2AI score0.00341EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/09 12:46 p.m.9 views

CVE-2025-7970 Rockwell Automation FactoryTalk Activation Manager Lack of Encryption Vulnerability

A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. This could result in data exposure, session hijacking, or full communication compromise...

8.7CVSS0.00341EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.5 views

PT-2025-36728

Name of the Vulnerable Software and Affected Versions: FactoryTalk Activation Manager affected versions not specified Description: A security issue exists within FactoryTalk Activation Manager related to a flaw in the implementation of cryptography. This could allow attackers to decrypt network...

8.7CVSS5.9AI score0.00341EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 7:20 a.m.17 views

CVE-2024-8474

OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log, which an unauthorized actor can use to decrypt the VPN traffic...

7.5CVSS6.9AI score0.00535EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:53 a.m.10 views

CVE-2023-2443

Rockwell Automation ThinManager product allows the use of medium strength ciphers. If the client requests an insecure cipher, a malicious actor could potentially decrypt traffic sent between the client and server API...

7.5CVSS6.8AI score0.00666EPSS
Exploits0References1
Rows per page
Query Builder