Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
encryption vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2015-8151
Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access.
Symantec Encryption Management Server
5.5
CVSSv2
CVE-2020-8897
A weak robustness vulnerability exists in the AWS Encryption SDKs for Java, Python, C and Javalcript prior to versions 2.0.0. Due to the non-committing property of AES-GCM (and other AEAD ciphers such as AES-GCM-SIV or (X)ChaCha20Poly1305) used by the SDKs to encrypt messages, an...
Amazon Aws Encryption Sdk
4.6
CVSSv2
CVE-2018-20341
WINMAGIC SecureDoc Disk Encryption software prior to 8.3 has an Unquoted Service Path vulnerability, which could allow an malicious user to execute arbitrary code on a target system. If the executable is enclosed in quote tags "" then the system will know where to find ...
Winmagic Securedoc Disk Encryption
4.9
CVSSv2
CVE-2018-15773
Dell Encryption (formerly Dell Data Protection | Encryption) v10.1.0 and previous versions contain an information disclosure vulnerability. A malicious user with physical access to the machine could potentially exploit this vulnerability to access the unencrypted RegBack folder t...
Dell Data Protection \\| Encryption
9
CVSSv2
CVE-2018-10351
A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote malicious user to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRegistration2 class. Authentication is required to exploit this vulnerability.
Trendmicro Email Encryption Gateway
6.5
CVSSv2
CVE-2018-10352
A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote malicious user to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formConfiguration class. Authentication is required to exploit this vulnerability.
Trendmicro Email Encryption Gateway
4
CVSSv2
CVE-2018-10353
A SQL injection information disclosure vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote malicious user to disclose sensitive information on vulnerable installations due to a flaw in the formChangePass class. Authentication is required to exploit this...
Trendmicro Email Encryption Gateway
9
CVSSv2
CVE-2018-10354
A command injection remote command execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote malicious user to execute arbitrary code on vulnerable installations due to a flaw in the LauncherServer. Authentication is required to exploit this vulnera...
Trendmicro Email Encryption Gateway
1.9
CVSSv2
CVE-2018-10355
An authentication weakness vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an malicious user to recover user passwords on vulnerable installations due to a flaw in the DBCrypto class. An attacker must first obtain access to the user database on the target sy...
Trendmicro Email Encryption Gateway
5
CVSSv2
CVE-2018-6562
totemomail Encryption Gateway prior to 6.0_b567 allows remote malicious users to obtain sensitive information about user sessions and encryption key material via a JSONP hijacking attack.
Totemo Totemomail Encryption Gateway
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »