Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
security secret server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-20038
A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated, local malicious user to access a static secret key used to store both local data and credentials for accessing remote systems. This vulnerability is due to a static ke...
Cisco Industrial Network Director
4.3
CVSSv2
CVE-2016-6883
MatrixSSL prior to 3.8.3 configured with RSA Cipher Suites allows remote malicious users to obtain sensitive information via a Bleichenbacher variant attack.
Matrixssl Matrixssl
4.3
CVSSv2
CVE-2017-17382
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 might allow remote malicious users to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA...
Citrix Application Delivery Controller Firmware 10.5
Citrix Application Delivery Controller Firmware 11.1
Citrix Application Delivery Controller Firmware 12.0
Citrix Application Delivery Controller Firmware 11.0
Citrix Netscaler Gateway Firmware 11.1
Citrix Netscaler Gateway Firmware 10.5
Citrix Netscaler Gateway Firmware 11.0
Citrix Netscaler Gateway Firmware 12.0
4.3
CVSSv2
CVE-2017-17427
Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an adaptive-chosen ciphertext attack ("Bleichenbacher attack"). This allows an malicious user to decrypt observed traffic that has been encrypted with the RSA cipher and to perfor...
Radware Alteon Firmware
4.3
CVSSv2
CVE-2017-13099
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."
Wolfssl Wolfssl
Siemens Scalance W1750d Firmware
Arubanetworks Instant
4.3
CVSSv2
CVE-2017-6168
On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) ...
F5 Big-ip Ltm
F5 Big-ip Ltm 13.0.0
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Afm
F5 Big-ip Afm 13.0.0
F5 Big-ip Analytics 13.0.0
F5 Big-ip Analytics
F5 Big-ip Apm
F5 Big-ip Apm 13.0.0
F5 Big-ip Asm
F5 Big-ip Asm 13.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 13.0.0
F5 Big-ip Pem 13.0.0
F5 Big-ip Pem
F5 Websafe 13.0.0
F5 Websafe
F5 Websafe 11.6.2
1 Github repository
7.5
CVSSv2
CVE-2005-1175
Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and previous versions allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.
Mit Kerberos 5 1.3.2
Mit Kerberos 5 1.3.3
Mit Kerberos 5 1.3.4
Mit Kerberos 5 1.4
Mit Kerberos 5 1.4.1
Mit Kerberos 5 1.3
Mit Kerberos 5 1.3.1
Mit Kerberos 5 1.3.5
Mit Kerberos 5 1.3.6
NA
CVE-2023-27495
@fastify/csrf-protection is a plugin which helps protect Fastify servers against CSRF attacks. The CSRF protection enforced by the @fastify/csrf-protection library in combination with @fastify/cookie can be bypassed from network and same-site attackers under certain conditions. @...
Fastify Csrf-protection
4.3
CVSSv2
CVE-2017-13098
BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a ...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
2.1
CVSSv2
CVE-2019-5489
The mincore() implementation in mm/mincore.c in the Linux kernel up to and including 4.19.13 allowed local malicious users to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the ou...
Linux Linux Kernel
Netapp Element Software Management Node -
Netapp Active Iq Performance Analytics Services -
1 Github repository
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »