Search Vulnerabilities

CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token requests via MITM

Jun 4, 2026

CVE-2026-45787

electerm's encrypt method not safe enough

May 28, 2026

CVE-2026-44523

Note Mark: JWT Secret Weakness allows Full Account Takeover via token forgery

May 14, 2026

CVE-2026-44351

fast-jwt: Empty HMAC secret accepted via async key resolver - JWT auth bypass

May 13, 2026

CVE-2026-33361

Meari weak XOR obfuscation

May 11, 2026

CVE-2018-25272

ELBA5 5.8.0 Remote Code Execution via Database Access

Apr 22, 2026

CVE-2025-1241

Encryption vulnerable to brute-force decryption in GoAnywhere MFT

Apr 21, 2026

CVE-2026-5363

Use of weak cryptographic key in TP-Link Archer C7

Apr 15, 2026

CVE-2026-39349

OrangeHRM Uses AES-ECB for Sensitive Data Encryption Enables Pattern Disclosure

Apr 7, 2026

CVE-2026-33512

AVideo has an unauthenticated decrypt oracle leaking any ciphertext

CVE-2026-33488

AVideo has a PGP 2FA Bypass via Cryptographically Broken 512-bit RSA Key Generation in LoginControl Plugin

CVE-2025-36379

IBM Security QRadar EDR Software has multiple vulnerabilities

Feb 17, 2026

CVE-2025-68703

Jervis has a Salt for PBKDF2 derived from password

CVE-2026-0510

Obsolete Encryption Algorithm Used in NW AS Java UME User Mapping

CVE-2025-41743

Sprecher Automation: SPRECON-E series prone to weak encryption of update files

Dec 2, 2025

CVE-2025-11935

Forward Secrecy Violation in WolfSSL TLS 1.3

Nov 21, 2025

CVE-2025-12478

Non-Compliant TLS Configuration

Oct 29, 2025

CVE-2025-55039

Apache Spark, Apache Spark: RPC encryption defaults to unauthenticated AES-CTR mode, enabling man-in-the-middle ciphertext modification attacks

Oct 15, 2025

CVE-2025-55248

.NET, .NET Framework, and Visual Studio Information Disclosure Vulnerability

Oct 14, 2025

CVE-2025-46409

Inadequate encryption strength issue exists in SS1 Ver

Aug 28, 2025

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-41860

CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token requests via MITM

Jun 4, 2026

CVE-2026-45787

electerm's encrypt method not safe enough

May 28, 2026

CVE-2026-44523

Note Mark: JWT Secret Weakness allows Full Account Takeover via token forgery

May 14, 2026

CVE-2026-44351

fast-jwt: Empty HMAC secret accepted via async key resolver - JWT auth bypass

May 13, 2026

CVE-2026-33361

Meari weak XOR obfuscation

May 11, 2026

CVE-2018-25272

ELBA5 5.8.0 Remote Code Execution via Database Access

Apr 22, 2026

CVE-2025-1241

Encryption vulnerable to brute-force decryption in GoAnywhere MFT

Apr 21, 2026

CVE-2026-5363

Use of weak cryptographic key in TP-Link Archer C7

Apr 15, 2026

CVE-2026-39349

OrangeHRM Uses AES-ECB for Sensitive Data Encryption Enables Pattern Disclosure

Apr 7, 2026

CVE-2026-33512

AVideo has an unauthenticated decrypt oracle leaking any ciphertext

CVE-2026-33488

AVideo has a PGP 2FA Bypass via Cryptographically Broken 512-bit RSA Key Generation in LoginControl Plugin

CVE-2025-36379

IBM Security QRadar EDR Software has multiple vulnerabilities

Feb 17, 2026

CVE-2025-68703

Jervis has a Salt for PBKDF2 derived from password

CVE-2026-0510

Obsolete Encryption Algorithm Used in NW AS Java UME User Mapping

CVE-2025-41743

Sprecher Automation: SPRECON-E series prone to weak encryption of update files

Dec 2, 2025

CVE-2025-11935

Forward Secrecy Violation in WolfSSL TLS 1.3

Nov 21, 2025

CVE-2025-12478

Non-Compliant TLS Configuration

Oct 29, 2025

CVE-2025-55039

Apache Spark, Apache Spark: RPC encryption defaults to unauthenticated AES-CTR mode, enabling man-in-the-middle ciphertext modification attacks

Oct 15, 2025

CVE-2025-55248

.NET, .NET Framework, and Visual Studio Information Disclosure Vulnerability

Oct 14, 2025

CVE-2025-46409