Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
encryption vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-11317
Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote malicious users to perform arbitrary file uploads or execute arbitrary code.
Telerik Ui For Asp.net Ajax 2017.2.503
Telerik Ui For Asp.net Ajax 2017.2.621
Telerik Ui For Asp.net Ajax
1 EDB exploit
7 Github repositories
9.8
CVSSv3
CVE-2014-9975
In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback vulnerability potentially exists in Full Disk Encryption.
Google Android
9.8
CVSSv3
CVE-2017-9632
A Missing Encryption of Sensitive Data issue exists in PDQ Manufacturing LaserWash G5 and G5 S Series all versions, LaserWash M5, all versions, LaserWash 360 and 360 Plus, all versions, LaserWash AutoXpress and AutoExpress Plus, all versions, LaserJet, all versions, ProTouch Tand...
Pdqinc Laserwash G5 Firmware -
Pdqinc Laserwash G5 S Firmware -
Pdqinc Laserwash M5 Firmware -
Pdqinc Laserwash 360 Firmware -
Pdqinc Laserwash 360 Plus Firmware -
Pdqinc Laserwash Autoxpress Firmware -
Pdqinc Laserwash Autoxpress Plus Firmware -
Pdqinc Laserjet Firmware -
Pdqinc Protouch Tandem Firmware -
Pdqinc Protouch Icon Firmware -
Pdqinc Protouch Autogloss Firmware -
9.8
CVSSv3
CVE-2017-9856
An issue exists in SMA Solar Technology products. Sniffed passwords from SMAdata2+ communication can be decrypted very easily. The passwords are "encrypted" using a very simple encryption algorithm. This enables an malicious user to find the plaintext passwords and auth...
Sma Sunny Boy 3600 Firmware -
Sma Sunny Boy 5000 Firmware -
Sma Sunny Tripower Core1 Firmware -
Sma Sunny Tripower 15000tl Firmware -
Sma Sunny Tripower 20000tl Firmware -
Sma Sunny Tripower 25000tl Firmware -
Sma Sunny Tripower 5000tl Firmware -
Sma Sunny Tripower 12000tl Firmware -
Sma Sunny Tripower 60 Firmware -
Sma Sunny Boy 3000tl Firmware -
Sma Sunny Boy 3600tl Firmware -
Sma Sunny Boy 4000tl Firmware -
Sma Sunny Boy 5000tl Firmware -
Sma Sunny Boy 1.5 Firmware -
Sma Sunny Boy 2.5 Firmware -
Sma Sunny Boy 3.0 Firmware -
Sma Sunny Boy 3.6 Firmware -
Sma Sunny Boy 4.0 Firmware -
Sma Sunny Boy 5.0 Firmware -
Sma Sunny Central 2200 Firmware -
Sma Sunny Central 1000cp Xt Firmware -
Sma Sunny Central 800cp Xt Firmware -
9.8
CVSSv3
CVE-2017-9861
An issue exists in SMA Solar Technology products. The SIP implementation does not properly use authentication with encryption: it is vulnerable to replay attacks, packet injection attacks, and man in the middle attacks. An attacker is able to successfully use SIP to communicate w...
Sma Sunny Boy 3600 Firmware -
Sma Sunny Boy 5000 Firmware -
Sma Sunny Tripower Core1 Firmware -
Sma Sunny Tripower 15000tl Firmware -
Sma Sunny Tripower 20000tl Firmware -
Sma Sunny Tripower 25000tl Firmware -
Sma Sunny Tripower 5000tl Firmware -
Sma Sunny Tripower 12000tl Firmware -
Sma Sunny Tripower 60 Firmware -
Sma Sunny Boy 3000tl Firmware -
Sma Sunny Boy 3600tl Firmware -
Sma Sunny Boy 4000tl Firmware -
Sma Sunny Boy 5000tl Firmware -
Sma Sunny Boy 1.5 Firmware -
Sma Sunny Boy 2.5 Firmware -
Sma Sunny Boy 3.0 Firmware -
Sma Sunny Boy 3.6 Firmware -
Sma Sunny Boy 4.0 Firmware -
Sma Sunny Boy 5.0 Firmware -
Sma Sunny Central 2200 Firmware -
Sma Sunny Central 1000cp Xt Firmware -
Sma Sunny Central 800cp Xt Firmware -
9.8
CVSSv3
CVE-2015-9107
Zoho ManageEngine OpManager 11 up to and including 12.2 uses a custom encryption algorithm to protect the credential used to access the monitored devices. The implemented algorithm doesn't use a per-system key or even a salt; therefore, it's possible to create a univers...
Zohocorp Manageengine Opmanager 11.6
Zohocorp Manageengine Opmanager 11.4
Zohocorp Manageengine Opmanager 12.2
Zohocorp Manageengine Opmanager 11.2
Zohocorp Manageengine Opmanager 11.1
Zohocorp Manageengine Opmanager 11.0
Zohocorp Manageengine Opmanager 11.5
Zohocorp Manageengine Opmanager 11.3
9.8
CVSSv3
CVE-2017-11757
Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 allows remote malicious users to execute arbitrary code via crafted traffic to TCP port 1583. The overflow occurs after Server-Client encryption-key exchange. The issue results from an integer underflow that l...
Actian Pervasive Psql 12.10
Actian Zen 13.0
9.8
CVSSv3
CVE-2017-9248
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity prior to 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote malicious users to defeat cryptographic pro...
Telerik Ui For Asp.net Ajax
Telerik Sitefinity Cms
1 EDB exploit
17 Github repositories
1 Article
9.8
CVSSv3
CVE-2017-7902
A "Reusing a Nonce, Key Pair in Encryption" issue exists in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 176...
Rockwellautomation 1763-l16bbb Series A
Rockwellautomation 1763-l16awa Series A
Rockwellautomation 1763-l16bwa Series A
Rockwellautomation 1763-l16dwd Series B
Rockwellautomation 1763-l16dwd Series A
Rockwellautomation 1763-l16bwa Series B
Rockwellautomation 1763-l16bbb Series B
Rockwellautomation 1763-l16awa Series B
Rockwellautomation 1766-l32bwaa Series B
Rockwellautomation 1766-l32bwa Series A
Rockwellautomation 1766-l32bwa Series B
Rockwellautomation 1766-l32awa Series A
Rockwellautomation 1766-l32bxb Series A
Rockwellautomation 1766-l32bwaa Series A
Rockwellautomation 1766-l32awa Series B
Rockwellautomation 1766-l32awaa Series A
Rockwellautomation 1766-l32awaa Series B
Rockwellautomation 1766-l32bxba Series A
Rockwellautomation 1766-l32bxba Series B
Rockwellautomation 1766-l32bxb Series B
9.8
CVSSv3
CVE-2017-9466
The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a design flaw in the use of DES for block encryption. This resulted in incorrect access control, which allowed malicious users to gain read-write access to system settings through the pr...
Tp-link Wr841n V8 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »