Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
encryption vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-23680
AWS Encryption SDK for Java versions 2.0.0 to 2.2.0 and less than 1.9.0 incorrectly validates some invalid ECDSA signatures.
Amazon Aws Encryption Sdk
6.8
CVSSv2
CVE-2017-11397
A service DLL preloading vulnerability in Trend Micro Encryption for Email versions 5.6 and below could allow an unauthenticated remote malicious user to execute arbitrary code on a vulnerable system.
Trendmicro Encryption For Email
4.3
CVSSv2
CVE-2013-4674
Cross-site scripting (XSS) vulnerability in the Web Email Protection component in Symantec Encryption Management Server (formerly Symantec PGP Universal Server) prior to 3.3.0 MP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted encrypted e-m...
Symantec Pgp Universal Server 3.2.0
Symantec Pgp Universal Server 3.2.1
Symantec Encryption Management Server 3.3.0
Symantec Encryption Management Server
NA
CVE-2023-35173
Nextcloud End-to-end encryption app provides all the necessary APIs to implement End-to-End encryption on the client side. By providing an invalid meta data file, an attacker can make previously dropped files inaccessible. It is recommended that the Nextcloud End-to-end encryptio...
Nextcloud End-to-end Encryption
2.1
CVSSv2
CVE-2008-7020
McAfee SafeBoot Device Encryption 4 build 4750 and previous versions stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations as...
Mcafee Safeboot Device Encryption 4
5
CVSSv2
CVE-2018-1593
IBM Multi-Cloud Data Encryption (MDE) 2.1 could allow an unauthorized user to manipulate data due to missing file checksums. IBM X-Force ID: 143568.
Ibm Multi-cloud Data Encryption
6.4
CVSSv2
CVE-2018-6219
An Insecure Update via HTTP vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an malicious user to eavesdrop and tamper with certain types of update data.
Trendmicro Email Encryption Gateway 5.5
1 EDB exploit
7.5
CVSSv2
CVE-2018-6220
An arbitrary file write vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an malicious user to inject arbitrary data, which may lead to gaining code execution on vulnerable systems.
Trendmicro Email Encryption Gateway 5.5
1 EDB exploit
9.3
CVSSv2
CVE-2018-6221
An unvalidated software update vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a man-in-the-middle malicious user to tamper with an update file and inject their own.
Trendmicro Email Encryption Gateway 5.5
1 EDB exploit
7.2
CVSSv2
CVE-2018-6222
Arbitrary logs location in Trend Micro Email Encryption Gateway 5.5 could allow an malicious user to change location of log files and be manipulated to execute arbitrary commands and attain command execution on a vulnerable system.
Trendmicro Email Encryption Gateway 5.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »