Lucene search
K

1654 matches found

EUVD
EUVD
added 2026/05/04 12:39 a.m.25 views

EUVD-2026-26862

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

9.3CVSS5.8AI score0.00214EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/29 1:44 a.m.7 views

CVE-2026-5039

TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized...

8.8CVSS5.3AI score0.0013EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/26 11:58 p.m.5 views

EUVD-2026-25743

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

9.3CVSS5.5AI score0.00186EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/26 11:58 p.m.6 views

CVE-2026-42363

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

9.3CVSS5.6AI score0.00186EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/04/26 11:58 p.m.22 views

CVE-2026-42363

CVE-2026-42363 affects GeoVision GV-IP Device Utility 9.0.5. The Device Authentication flow encrypts credentials using a protocol resembling Blowfish, but the symmetric key is included in the packet, making confidentiality rely on obscurity. When admin users interact with devices, credentials may...

9.3CVSS5.6AI score0.00186EPSS
Exploits0References2
CNVD
CNVD
added 2026/04/23 12:0 a.m.3 views

IBM Verify Identity Access Container Weak Encryption Algorithm Vulnerability

IBM Verify Identity Access Container is an identity and access management solution for providing secure single sign-on and access control. A weak cryptographic algorithm vulnerability exists in IBM Verify Identity Access Container. The vulnerability stems from the product's use of a...

6.5CVSS5.4AI score0.00181EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.9 views

IBM多款产品 加密问题漏洞

IBM Verify Identity Access Container is an identity and access management solution for providing secure single sign-on and access control. A weak cryptographic algorithm vulnerability exists in IBM Verify Identity Access Container. The vulnerability stems from the product's use of a...

6.5CVSS5.8AI score0.00181EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/16 12:0 a.m.11 views

TP-Link Archer C7 安全漏洞

The TP-Link Archer C7 is a router produced by the TP-Link company. The TP-Link Archer C7 Build 20220715 and earlier versions have security vulnerabilities. These vulnerabilities stem from insufficient encryption strength, which may allow password recovery attacks to occur...

8.8CVSS5.8AI score0.00091EPSS
Exploits0References2
CVE
CVE
added 2026/04/15 11:45 p.m.19 views

CVE-2026-5363

TP-Link Archer C7 v5/v5.8 (uhttpd) is affected by CVE-2026-5363 due to inadequate encryption strength: the admin password is encrypted client-side with RSA-1024 before login, allowing an adjacent attacker to brute-force or factor the 1024-bit key and recover plaintext credentials, leading to unau...

8.8CVSS5.8AI score0.00091EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.8 views

Progress OpenEdge 安全漏洞

Progress OpenEdge is an enterprise-level application development and database management platform provided by the American company Progress. There is a security vulnerability in Progress OpenEdge, which stems from the weak encryption strength of the OECH1 prefix encoding. This vulnerability may...

10CVSS5.8AI score0.00216EPSS
Exploits0References1
CNVD
CNVD
added 2026/04/10 12:0 a.m.9 views

IBM Aspera Shares Encryption Problem Vulnerability (CNVD-2026-16873)

IBM Aspera Shares is a Web application from International Business Machines IBM. An encryption issue vulnerability exists in IBM Aspera Shares versions 1.9.9 through 1.11.0. The vulnerability stems from the use of a weak encryption algorithm and can be exploited by an attacker to decrypt highly...

7.5CVSS5.7AI score0.00203EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.9 views

Meesho Online Shopping 加密问题漏洞

Meesho Online Shopping is an e-commerce system developed by the Meesho company. Versions of Meesho Online Shopping prior to 27.3 contained a security vulnerability related to encrypted data handling. This vulnerability stemmed from incorrect operations with files and API endpoints, potentially...

6.3CVSS5.8AI score0.00188EPSS
Exploits0References4
CNVD
CNVD
added 2026/03/31 12:0 a.m.3 views

IBM Concert Encryption Problem Vulnerability (CNVD-2026-16135)

IBM Concert is IBM's collaborative application lifecycle management platform. IBM Concert has a security vulnerability that stems from the use of a weaker-than-expected encryption algorithm. An attacker could exploit the vulnerability to decrypt highly sensitive information...

7.5CVSS5.9AI score0.00202EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

IBM Concert 安全漏洞

IBM Concert is IBM's collaborative application lifecycle management platform. IBM Concert has a security vulnerability that stems from the use of a weaker-than-expected encryption algorithm. An attacker could exploit the vulnerability to decrypt highly sensitive information...

7.5CVSS5.8AI score0.00202EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.4 views

TencentOS Server 4: python-jwt (TSSA-2026:0119)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0119 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7CVSS5.9AI score0.0016EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.6 views

Amazon Linux 2023 : python3-jwt, python3-jwt+crypto (ALAS2023-2026-1467)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1467 advisory. pyjwt v2.10.1 was discovered to contain weak encryption. CVE-2025-45768 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has no...

7CVSS5.8AI score0.0016EPSS
Exploits0References4
Amazon
Amazon
added 2026/03/05 12:0 a.m.5 views

Medium: python-jwt

Issue Overview: pyjwt v2.10.1 was discovered to contain weak encryption. CVE-2025-45768 Affected Packages: python-jwt Issue Correction: Run dnf update python-jwt --releasever 2023.10.20260302 or dnf update --advisory ALAS2023-2026-1467 --releasever 2023.10.20260302 to update your system. More...

7CVSS5.8AI score0.0016EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/04 1:57 a.m.23 views

CVE-2025-63912

Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to use a weak cryptography algorithm for data encryption, allowing attackers to trivially reverse the encyption and expose credentials...

7.5CVSS5.9AI score0.00133EPSS
Exploits2References1
NVD
NVD
added 2026/03/03 6:16 p.m.4 views

CVE-2025-63912

Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to use a weak cryptography algorithm for data encryption, allowing attackers to trivially reverse the encyption and expose credentials...

7.5CVSS0.00133EPSS
Exploits2References2
OSV
OSV
added 2026/03/03 6:16 p.m.5 views

CVE-2025-63912

Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to use a weak cryptography algorithm for data encryption, allowing attackers to trivially reverse the encyption and expose credentials...

7.5CVSS5.8AI score0.00133EPSS
Exploits2References2
Rows per page
Query Builder