Lucene search
K

681 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:9 a.m.6 views

CVE-2019-18340

A vulnerability has been identified in Control Center Server CCS All versions = V1.5.0, SiNVR/SiVMS Video Server All versions = V5.0.0. Both the SiVMS/SiNVR Video Server and the Control Center Server CCS store user and device passwords by applying weak cryptography. A local attacker could exploit...

5.5CVSS6.3AI score0.0025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/30 7:51 p.m.3 views

CVE-2025-14175

A vulnerability in the SSH server of TP-Link TL-WR820N v2.80 allows the use of a weak cryptographic algorithm, enabling an adjacent attacker to intercept and decrypt SSH traffic. Exploitation may expose sensitive information and compromise confidentiality...

6CVSS6.6AI score0.00307EPSS
Exploits1References1
NVD
NVD
added 2025/12/29 8:15 p.m.6 views

CVE-2025-14175

A vulnerability in the SSH server of TP-Link TL-WR820N v2.80 allows the use of a weak cryptographic algorithm, enabling an adjacent attacker to intercept and decrypt SSH traffic. Exploitation may expose sensitive information and compromise confidentiality...

6.5CVSS0.00307EPSS
Exploits1References3
OSV
OSV
added 2025/12/29 8:15 p.m.5 views

CVE-2025-14175

A vulnerability in the SSH server of TP-Link TL-WR820N v2.80 allows the use of a weak cryptographic algorithm, enabling an adjacent attacker to intercept and decrypt SSH traffic. Exploitation may expose sensitive information and compromise confidentiality...

6.5CVSS5.8AI score0.00307EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/29 12:0 a.m.8 views

PT-2025-53786

Name of the Vulnerable Software and Affected Versions TP-Link TL-WR820N version 2.80 Description A weakness in the SSH server implementation of the device permits the use of a weak cryptographic algorithm. This allows a nearby attacker to potentially intercept and decrypt SSH traffic, which could...

6.5CVSS6.2AI score0.00307EPSS
Exploits1References10
GithubExploit
GithubExploit
added 2025/12/27 5:6 p.m.130 views

Exploit for CVE-2025-63909

Cohesity TranZman Security Advisories This repository contain...

7.2CVSS6.1AI score0.03686EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2025/12/19 12:0 a.m.6 views

Dell PowerScale OneFS < 9.11.0.0 Information Disclosure (CVE-2025-30477)

The version of Dell PowerScale OneFS running on the remote host prior to 9.11.0.0. It is, therefore, contains a use of a broken or risky cryptographic algorithm vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information...

4.9CVSS5.5AI score0.00206EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/11 5:3 a.m.10 views

CVE-2025-65295

Multiple vulnerabilities in Aqara Hub firmware update process in the Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 devices, allow attackers to install malicious firmware without proper verification. The device fails to validate firmware signatures during updates, uses outdated...

8.1CVSS6.8AI score0.00204EPSS
Exploits1References1
NVD
NVD
added 2025/12/10 10:16 p.m.6 views

CVE-2025-65295

Multiple vulnerabilities in Aqara Hub firmware update process in the Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 devices, allow attackers to install malicious firmware without proper verification. The device fails to validate firmware signatures during updates, uses outdated...

8.1CVSS0.00204EPSS
Exploits1References1
OSV
OSV
added 2025/12/10 10:16 p.m.5 views

CVE-2025-65295

Multiple vulnerabilities in Aqara Hub firmware update process in the Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 devices, allow attackers to install malicious firmware without proper verification. The device fails to validate firmware signatures during updates, uses outdated...

8.1CVSS5.8AI score0.00204EPSS
Exploits1References1
NVD
NVD
added 2025/12/08 7:15 p.m.7 views

CVE-2025-14261

The Litmus platform uses JWT for authentication and authorization, but the secret being used for signing the JWT is only 6 bytes long at its core, which makes it extremely easy to crack...

7.1CVSS0.00273EPSS
Exploits0References2
OSV
OSV
added 2025/12/08 6:12 p.m.12 views

CVE-2025-14261 Lack of entropy allows registered low-privileged users of Litmus to crack valid JWT tokens and gain admin privileges

The Litmus platform uses JWT for authentication and authorization, but the secret being used for signing the JWT is only 6 bytes long at its core, which makes it extremely easy to crack...

7.1CVSS5.9AI score0.00273EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/26 4:56 p.m.6 views

CVE-2025-36150

IBM Concert 1.0.0 through 2.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

7.5CVSS6.7AI score0.00154EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2025/11/26 12:0 a.m.165 views

📄 Brocade Fabric OS Weak Crypto / Key Compromise

This analysis focuses on some older flaws with Brocade Fabric OS versions prior to 9.2.2 related to man-in-the-middle, weak cryptography, and hardcoded key compromise vulnerabilities...

9.8CVSS7.1AI score0.01546EPSS
Exploits2
EUVD
EUVD
added 2025/11/24 9:31 p.m.7 views

EUVD-2025-198993

IBM Concert 1.0.0 through 2.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

5.9CVSS6.1AI score0.00154EPSS
Exploits0References2
NVD
NVD
added 2025/11/24 9:16 p.m.5 views

CVE-2025-36150

IBM Concert 1.0.0 through 2.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

7.5CVSS0.00154EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/24 8:29 p.m.5 views

CVE-2025-36150 IBM Concert Information Disclosure

IBM Concert 1.0.0 through 2.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

5.9CVSS6.2AI score0.00154EPSS
Exploits0References1
CVE
CVE
added 2025/11/24 8:29 p.m.11 views

CVE-2025-36150

CVE-2025-36150 affects IBM Concert Software versions 1.0.0–2.0.0, where cryptographic algorithms are weaker than expected, potentially allowing decryption of highly sensitive information. Root cause: use of insufficiently robust cryptography. Affected component/product: IBM Concert Software. Impa...

7.5CVSS6.2AI score0.00154EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/11/24 8:29 p.m.10 views

CVE-2025-36150 IBM Concert Information Disclosure

IBM Concert 1.0.0 through 2.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

5.9CVSS0.00154EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/15 12:47 a.m.11 views

CVE-2025-54340

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There is a Broken or Risky Cryptographic Algorithm...

4.1CVSS6.7AI score0.00085EPSS
Exploits0References1
Rows per page
Query Builder