Total: 459 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-41270 | 1 Appleboy | 1 Gorush | 2024-08-12 | N/A | 9.1 CRITICAL |
An issue discovered in the RunHTTPServer function in Gorush v1.18.4 allows attackers to intercept and manipulate data due to use of deprecated TLS version. | |||||
CVE-2023-38371 | 1 Ibm | 1 Security Access Manager | 2024-08-02 | N/A | 7.5 HIGH |
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 261198. | |||||
CVE-2024-30098 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-07-17 | N/A | 7.5 HIGH |
Windows Cryptographic Services Security Feature Bypass Vulnerability | |||||
CVE-2024-39731 | 1 Ibm | 1 Datacap | 2024-07-16 | N/A | 7.5 HIGH |
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 295970. | |||||
CVE-2024-32852 | 1 Dell | 1 Powerscale Onefs | 2024-07-03 | N/A | 7.5 HIGH |
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.0 contain use of a broken or risky cryptographic algorithm vulnerability. An unprivileged network malicious attacker could potentially exploit this vulnerability, leading to data leaks. | |||||
CVE-2024-31510 | | | 2024-07-03 | N/A | 9.8 CRITICAL |
An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker to escalate privileges via the crypto_sign_signature parameter in the /pqcrystals-dilithium-standard_ml-dsa-44-ipd_avx2/sign.c component. | |||||
CVE-2023-41928 | | | 2024-07-02 | N/A | 5.3 MEDIUM |
The device is observed to accept deprecated TLS protocols, increasing the risk of cryptographic weaknesses. | |||||
CVE-2023-41927 | | | 2024-07-02 | N/A | 5.3 MEDIUM |
The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be phased out, increasing the risk of cryptographic weaknesses. | |||||
CVE-2024-35537 | 1 Tvsmotor | 1 Tvs Connect | 2024-06-24 | N/A | 7.5 HIGH |
TVS Motor Company Limited TVS Connect Android v4.6.0 and IOS v5.0.0 was discovered to insecurely handle the RSA key pair, allowing attackers to possibly access sensitive information via decryption. | |||||
CVE-2024-3264 | | | 2024-06-24 | N/A | 5.3 MEDIUM |
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mia Technology Inc. Mia-Med Health Aplication allows Signature Spoofing by Improper Validation. This issue affects Mia-Med Health Aplication: before 1.0.14. | |||||
CVE-2023-32043 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-05-29 | N/A | 6.8 MEDIUM |
Windows Remote Desktop Security Feature Bypass Vulnerability | |||||
CVE-2024-4563 | | | 2024-05-23 | N/A | 6.1 MEDIUM |
The Progress MOVEit Automation configuration export function prior to 2024.0.0 uses a cryptographic method with insufficient bit length. | |||||
CVE-2024-31989 | | | 2024-05-22 | N/A | 9.0 CRITICAL |
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS cluster, it requires manual enablement through configuration to enforce network policies. This raises concerns that many clients might unknowingly have open access to their Redis servers. This vulnerability could lead to Privilege Escalation to the level of cluster controller, or to information leakage, affecting anyone who does not have strict access controls on their Redis instance. This issue has been patched in version(s) 2.8.19, 2.9.15 and 2.10.10. | |||||
CVE-2024-25968 | | | 2024-05-14 | N/A | 5.9 MEDIUM |
Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure. | |||||
CVE-2020-4874 | | | 2024-05-06 | N/A | 5.9 MEDIUM |
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 190837. | |||||
CVE-2023-40696 | | | 2024-05-06 | N/A | 5.9 MEDIUM |
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 264939. | |||||
CVE-2022-34309 | 1 Ibm | 1 Cics Tx | 2024-04-30 | N/A | 7.5 HIGH |
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229440. | |||||
CVE-2024-29056 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-04-26 | N/A | 4.3 MEDIUM |
Windows Authentication Elevation of Privilege Vulnerability | |||||
CVE-2023-50313 | 1 Ibm | 1 Websphere Application Server | 2024-04-08 | N/A | 6.5 MEDIUM |
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration. IBM X-Force ID: 274812. | |||||
CVE-2024-25963 | | | 2024-03-28 | N/A | 5.9 MEDIUM |
Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure. |