Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
disk encryption vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-29956
OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user's local disk. The master password protection was inactive for those keys. Version 78.10.2 will restore the protection mechanism for newly importe...
Mozilla Thunderbird
2 Articles
2.1
CVSSv2
CVE-2020-0407
In various functions in fscrypt_ice.c and related files in some implementations of f2fs encryption that use encryption hardware which only supports 32-bit IVs (Initialization Vectors), 64-bit IVs are used and later are truncated to 32 bits. This may cause IV reuse and thus weaken...
Google Android -
5
CVSSv2
CVE-2014-10047
In Android prior to 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, when writing the Full Disk Encryption key to crypto engine, information leak could occur.
Qualcomm Sd 400 Firmware -
Qualcomm Sd 800 Firmware -
NA
CVE-2021-4122
It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryptio...
Cryptsetup Project Cryptsetup
2.1
CVSSv2
CVE-2013-0985
Disk Management in Apple Mac OS X prior to 10.8.4 does not properly authenticate attempts to disable FileVault, which allows local users to cause a denial of service (loss of encryption functionality) via an unspecified command line.
Apple Mac Os X
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.1
NA
CVE-2023-24023
Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 up to and including 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injecti...
Bluetooth Bluetooth Core Specification
Microsoft Windows 10 22h2
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 11 23h2
Microsoft Windows Server 2022 23h2
Microsoft Windows 10 21h2
Microsoft Windows 10 1809
Microsoft Windows Server 2019
Microsoft Windows Server 2022
1 Github repository
1 Article
5
CVSSv2
CVE-2018-7213
The Password Manager Extension in Abine Blur 7.8.242* prior to 7.8.2428 allows malicious users to bypass the Multi-Factor Authentication and macOS disk-encryption protection mechanisms, and consequently exfiltrate secured data, because the right-click context menu is not secured.
Abine Blur 7.8.2424
6.9
CVSSv2
CVE-2014-2005
Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5.x prior to 5.2.2 does not enforce intended authentication requirements for a resume action from sleep mode, which allows physically proximate malicious users to obtain desktop access by leveraging the absence o...
Sophos Enterprise Console 5.2
Sophos Enterprise Console
Sophos Enterprise Console 5.2.1
Sophos Enterprise Console 5.1
5
CVSSv2
CVE-2013-2599
A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services/java/com/android/server/NativeDaemonConnector.java in Code Aurora Forum (CAF) releases of Android 4.1.x up to and including 4.3.x enables debug logging, which allows malicious users t...
Codeaurora Android-msm 3.10
Codeaurora Android-msm 3.10.28
Codeaurora Android-msm 3.10.30
Codeaurora Android-msm 3.10.38
Codeaurora Android-msm 3.10.40
Codeaurora Android-msm 3.10.45
Codeaurora Android-msm 3.10.47
Codeaurora Android-msm 3.10.49
Codeaurora Android-msm 3.12.10
Codeaurora Android-msm 3.12.12
Codeaurora Android-msm 3.12.19
Codeaurora Android-msm 3.12.21
Codeaurora Android-msm 3.12.26
Codeaurora Android-msm 3.12.4
Codeaurora Android-msm 3.12.6
Codeaurora Android-msm 3.13
Codeaurora Android-msm 3.13.10
Codeaurora Android-msm 3.13.2
Codeaurora Android-msm 3.13.7
Codeaurora Android-msm 3.13.9
Codeaurora Android-msm 3.14
Codeaurora Android-msm 3.10.32
NA
CVE-2023-28005
A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows? Secure Boot process in an attempt to execute other attacks to obtain access to the ...
Trendmicro Trend Micro Endpoint Encryption
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »