Total
432 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-25685 | 4 Arista, Debian, Fedoraproject and 1 more | 4 Eos, Debian Linux, Fedora and 1 more | 2025-11-04 | 4.3 MEDIUM | 3.7 LOW |
| A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. | |||||
| CVE-2020-10125 | 1 Ncr | 2 Aptra Xfs, Selfserv Atm | 2025-11-04 | 4.6 MEDIUM | 7.6 HIGH |
| NCR SelfServ ATMs running APTRA XFS 04.02.01 and 05.01.00 implement 512-bit RSA certificates to validate bunch note acceptor (BNA) software updates, which can be broken by an attacker with physical access in a sufficiently short period of time, thereby enabling the attacker to sign arbitrary files and CAB archives used to update BNA software, as well as bypass application whitelisting, resulting in the ability to execute arbitrary code. | |||||
| CVE-2023-4333 | 2 Broadcom, Microsoft | 2 Raid Controller Web Interface, Windows | 2025-11-04 | N/A | 5.5 MEDIUM |
| Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server | |||||
| CVE-2014-2381 | 1 Invensys | 1 Wonderware Information Server | 2025-11-01 | 2.1 LOW | N/A |
| Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file. | |||||
| CVE-2014-2380 | 1 Invensys | 1 Wonderware Information Server | 2025-11-01 | 7.8 HIGH | N/A |
| Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file. | |||||
| CVE-2025-9239 | 1 Eladmin | 1 Eladmin | 2025-10-31 | 2.6 LOW | 3.7 LOW |
| A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STR_PARAM with the input Passw0rd leads to inadequate encryption strength. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitation appears to be difficult. | |||||
| CVE-2025-55248 | 3 Apple, Linux, Microsoft | 20 Macos, Linux Kernel, .net and 17 more | 2025-10-23 | N/A | 4.8 MEDIUM |
| Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network. | |||||
| CVE-2017-11317 | 1 Telerik | 1 Ui For Asp.net Ajax | 2025-10-22 | 7.5 HIGH | 9.8 CRITICAL |
| Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code. | |||||
| CVE-2024-45259 | 1 Gl-inet | 42 A1300, A1300 Firmware, Ar300m and 39 more | 2025-10-15 | N/A | 6.5 MEDIUM |
| An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. By intercepting an HTTP request and changing the filename property in the download interface, any file on the device can be deleted. | |||||
| CVE-2025-7789 | 1 Xuxueli | 1 Xxl-job | 2025-09-11 | 2.6 LOW | 3.7 LOW |
| A vulnerability was found in Xuxueli xxl-job up to 3.1.1 and classified as problematic. Affected by this issue is the function makeToken of the file src/main/java/com/xxl/job/admin/controller/IndexController.java of the component Token Generation. The manipulation leads to password hash with insufficient computational effort. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2014-9199 | 1 Clorius Controls A\/s | 1 Java Web Client | 2025-09-05 | 10.0 HIGH | N/A |
| The Clorius Controls Java web client before 01.00.0009g allows remote attackers to discover credentials by sniffing the network for cleartext-equivalent traffic. | |||||
| CVE-2024-28860 | 1 Cilium | 1 Cilium | 2025-09-02 | N/A | 8.0 HIGH |
| Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key recovery, replay attacks by a man-in-the-middle attacker. These attacks are possible due to an ESP sequence number collision when multiple nodes are configured with the same key. Fixed versions of Cilium use unique keys for each IPsec tunnel established between nodes, resolving all of the above attacks. This vulnerability is fixed in 1.13.13, 1.14.9, and 1.15.3. | |||||
| CVE-2025-9513 | 2025-08-29 | 2.6 LOW | 3.7 LOW | ||
| A flaw has been found in editso fuso up to 1.0.4-beta.7. This affects the function PenetrateRsaAndAesHandshake of the file src/net/penetrate/handshake/mod.rs. This manipulation of the argument priv_key causes inadequate encryption strength. Remote exploitation of the attack is possible. A high degree of complexity is needed for the attack. The exploitability is reported as difficult. | |||||
| CVE-2025-46409 | 2025-08-29 | N/A | 7.5 HIGH | ||
| Inadequate encryption strength issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier). If this vulnerability is exploited, a function that requires authentication may be accessed by a remote unauthenticated attacker. | |||||
| CVE-2025-45764 | 2025-08-26 | N/A | 3.2 LOW | ||
| jsrsasign v11.1.0 was discovered to contain weak encryption. NOTE: this issue has been disputed by a third party who believes that CVE IDs can be assigned for key lengths in specific applications that use a library, and should not be assigned to the default key lengths in a library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not meant to recommend an outcome for this CVE Record. | |||||
| CVE-2024-13454 | 1 Openvpn | 1 Easy-rsa | 2025-08-22 | N/A | 5.3 MEDIUM |
| Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more easily bruteforce the private CA key when created using OpenSSL 3 | |||||
| CVE-2024-43382 | 1 Snowflake | 1 Snowflake Jdbc | 2025-08-20 | N/A | 5.9 MEDIUM |
| Snowflake JDBC driver versions >= 3.2.6 and <= 3.19.1 have an Incorrect Security Setting that can result in data being uploaded to an encrypted stage without the additional layer of protection provided by client side encryption. | |||||
| CVE-2025-45770 | 1 Jwt Project | 1 Jwt | 2025-08-17 | N/A | 7.0 HIGH |
| jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not meant to recommend an outcome for this CVE Record. | |||||
| CVE-2025-45769 | 1 Google | 1 Firebase Php-jwt | 2025-08-17 | N/A | 7.3 HIGH |
| php-jwt v6.11.0 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not meant to recommend an outcome for this CVE Record. | |||||
| CVE-2019-4160 | 1 Ibm | 1 Security Guardium Data Encryption | 2025-08-12 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Security Guardium Data Encryption (GDE) 3.0.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158577. | |||||