Total
360 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-26941 | 1 Assaabloy | 2 Yale Conexis L1, Yale Conexis L1 Firmware | 2024-02-28 | N/A | 6.5 MEDIUM |
Weak encryption mechanisms in RFID Tags in Yale Conexis L1 v1.1.0 allows attackers to create a cloned tag via physical proximity to the original. | |||||
CVE-2023-46894 | 1 Espressif | 1 Esptool | 2024-02-28 | N/A | 7.5 HIGH |
An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm. | |||||
CVE-2023-47373 | 1 Linecorp | 1 Line | 2024-02-28 | N/A | 6.5 MEDIUM |
The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send malicious notifications to victims. | |||||
CVE-2023-47370 | 1 Linecorp | 1 Line | 2024-02-28 | N/A | 6.5 MEDIUM |
The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send malicious notifications to victims. | |||||
CVE-2023-47363 | 1 Linecorp | 1 Line | 2024-02-28 | N/A | 6.5 MEDIUM |
The leakage of channel access token in F.B.P members Line 13.6.1 allows remote attackers to send malicious notifications to victims. | |||||
CVE-2023-47364 | 1 Linecorp | 1 Line | 2024-02-28 | N/A | 6.5 MEDIUM |
The leakage of channel access token in nagaoka taxi Line 13.6.1 allows remote attackers to send malicious notifications to victims | |||||
CVE-2023-47365 | 1 Linecorp | 1 Line | 2024-02-28 | N/A | 6.5 MEDIUM |
The leakage of channel access token in Lil.OFF-PRICE STORE Line 13.6.1 allows remote attackers to send malicious notifications to victims. | |||||
CVE-2023-26943 | 1 Assaabloy | 2 Yale Keyless Smart Lock, Yale Keyless Smart Lock Firmware | 2024-02-28 | N/A | 6.5 MEDIUM |
Weak encryption mechanisms in RFID Tags in Yale Keyless Lock v1.0 allows attackers to create a cloned tag via physical proximity to the original. | |||||
CVE-2023-43757 | 1 Elecom | 68 Lan-w300n\/p, Lan-w300n\/p Firmware, Lan-w300n\/rs and 65 more | 2024-02-28 | N/A | 6.5 MEDIUM |
Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section. | |||||
CVE-2023-48051 | 1 Carglglz | 1 Upydev | 2024-02-28 | N/A | 7.5 HIGH |
An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding. | |||||
CVE-2023-47367 | 1 Linecorp | 1 Line | 2024-02-28 | N/A | 6.5 MEDIUM |
The leakage of channel access token in platinum clinic Line 13.6.1 allows remote attackers to send malicious notifications to victims. | |||||
CVE-2023-47372 | 1 Linecorp | 1 Line | 2024-02-28 | N/A | 6.5 MEDIUM |
The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6.1 allows remote attackers to send malicious notifications to victims. | |||||
CVE-2023-48034 | 1 Acer | 2 Sk-9662, Sk-9662 Firmware | 2024-02-28 | N/A | 6.1 MEDIUM |
An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption. | |||||
CVE-2023-47366 | 1 Linecorp | 1 Line | 2024-02-28 | N/A | 6.5 MEDIUM |
The leakage of channel access token in craft_members Line 13.6.1 allows remote attackers to send malicious notifications to victims. | |||||
CVE-2023-26942 | 1 Assaabloy | 2 Yale Ia-210, Yale Ia-210 Firmware | 2024-02-28 | N/A | 6.5 MEDIUM |
Weak encryption mechanisms in RFID Tags in Yale IA-210 Alarm v1.0 allows attackers to create a cloned tag via physical proximity to the original. | |||||
CVE-2023-34971 | 1 Qnap | 2 Qts, Quts Hero | 2024-02-28 | N/A | 8.8 HIGH |
An inadequate encryption strength vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows local network clients to decrypt the data using brute force attacks via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later | |||||
CVE-2023-44690 | 1 Dbcli | 1 Mycli | 2024-02-28 | N/A | 7.5 HIGH |
Inadequate encryption strength in mycli 1.27.0 allows attackers to view sensitive information via /mycli/config.py | |||||
CVE-2022-46783 | 1 Stormshield | 1 Ssl Vpn Client | 2024-02-28 | N/A | 5.3 MEDIUM |
An issue was discovered in Stormshield SSL VPN Client before 3.2.0. If multiple address books are used, an attacker may be able to access the other encrypted address book. | |||||
CVE-2023-4129 | 1 Dell | 1 Data Protection Central | 2024-02-28 | N/A | 7.5 HIGH |
Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext. | |||||
CVE-2022-48193 | 1 Softing | 1 Smartlink Sw-ht | 2024-02-28 | N/A | 7.5 HIGH |
Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication (SSL). |