Export limit exceeded: 341885 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 341885 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (1560 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-40530 | 2 Cryptopp, Fedoraproject | 2 Crypto\+\+, Fedora | 2024-11-21 | 5.9 Medium |
| The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. | ||||
| CVE-2021-40529 | 3 Botan Project, Fedoraproject, Mozilla | 3 Botan, Fedora, Thunderbird | 2024-11-21 | 5.9 Medium |
| The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. | ||||
| CVE-2021-40119 | 1 Cisco | 1 Policy Suite | 2024-11-21 | 9.8 Critical |
| A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote attacker to log in to an affected system as the root user. This vulnerability is due to the re-use of static SSH keys across installations. An attacker could exploit this vulnerability by extracting a key from a system under their control. A successful exploit could allow the attacker to log in to an affected system as the root user. | ||||
| CVE-2021-3789 | 1 Binatoneglobal | 42 Cn28, Cn28 Firmware, Cn40 and 39 more | 2024-11-21 | 4.2 Medium |
| An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access to obtain the encryption key used to decrypt firmware update packages. | ||||
| CVE-2021-3680 | 1 Showdoc | 1 Showdoc | 2024-11-21 | 4.9 Medium |
| showdoc is vulnerable to Missing Cryptographic Step | ||||
| CVE-2021-3446 | 3 Fedoraproject, Libtpms Project, Redhat | 3 Fedora, Libtpms, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms with OpenSSL contained a vulnerability related to the returned IV (initialization vector) when certain symmetric ciphers were used. Instead of returning the last IV it returned the initial IV to the caller, thus weakening the subsequent encryption and decryption steps. The highest threat from this vulnerability is to data confidentiality. | ||||
| CVE-2021-3131 | 1 1c | 1 1c\ | 2024-11-21 | 7.5 High |
| The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the creds URL parameter. | ||||
| CVE-2021-39182 | 1 Enrocrypt Project | 1 Enrocrypt | 2024-11-21 | 7.5 High |
| EnroCrypt is a Python module for encryption and hashing. Prior to version 1.1.4, EnroCrypt used the MD5 hashing algorithm in the hashing file. Beginners who are unfamiliar with hashes can face problems as MD5 is considered an insecure hashing algorithm. The vulnerability is patched in v1.1.4 of the product. As a workaround, users can remove the `MD5` hashing function from the file `hashing.py`. | ||||
| CVE-2021-39082 | 1 Ibm | 1 Urbancode Deploy | 2024-11-21 | 7.5 High |
| IBM UrbanCode Deploy (UCD) 7.1.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | ||||
| CVE-2021-39076 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2024-11-21 | 7.5 High |
| IBM Security Guardium 10.5 and 11.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 215585. | ||||
| CVE-2021-39058 | 2 Ibm, Linux | 2 Spectrum Copy Data Management, Linux Kernel | 2024-11-21 | 7.5 High |
| IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 214617. | ||||
| CVE-2021-39002 | 6 Hp, Ibm, Linux and 3 more | 7 Hp-ux, Aix, Db2 and 4 more | 2024-11-21 | 7.5 High |
| IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | ||||
| CVE-2021-38984 | 1 Ibm | 2 Security Guardium Key Lifecycle Manager, Security Key Lifecycle Manager | 2024-11-21 | 7.5 High |
| IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 212793. | ||||
| CVE-2021-38983 | 3 Ibm, Linux, Microsoft | 5 Aix, Security Guardium Key Lifecycle Manager, Security Key Lifecycle Manager and 2 more | 2024-11-21 | 7.5 High |
| IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 212792. | ||||
| CVE-2021-38947 | 2 Ibm, Linux | 2 Spectrum Copy Data Management, Linux Kernel | 2024-11-21 | 7.5 High |
| IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 211242. | ||||
| CVE-2021-38933 | 3 Ibm, Linux, Oracle | 4 Aix, Sterling Connect\, Linux Kernel and 1 more | 2024-11-21 | 5.9 Medium |
| IBM Sterling Connect:Direct for UNIX 1.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210574. | ||||
| CVE-2021-38925 | 1 Ibm | 1 Sterling B2b Integrator | 2024-11-21 | 7.5 High |
| IBM Sterling B2B Integrator Standard Edition 5.2.0. 0 through 6.1.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210171. | ||||
| CVE-2021-38921 | 1 Ibm | 1 Security Verify Access | 2024-11-21 | 7.5 High |
| IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210067. | ||||
| CVE-2021-38891 | 4 Ibm, Linux, Microsoft and 1 more | 5 Aix, Sterling Connect\, Linux Kernel and 2 more | 2024-11-21 | 7.5 High |
| IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 209508. | ||||
| CVE-2021-38862 | 1 Ibm | 1 Data Risk Manager | 2024-11-21 | 7.5 High |
| IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 207980. | ||||