Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
disk encryption vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-14907
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, cryptographic strength is reduced while deriving disk encryption key.
Google Android -
4.4
CVSSv3
CVE-2020-0407
In various functions in fscrypt_ice.c and related files in some implementations of f2fs encryption that use encryption hardware which only supports 32-bit IVs (Initialization Vectors), 64-bit IVs are used and later are truncated to 32 bits. This may cause IV reuse and thus weaken...
Google Android -
7.5
CVSSv3
CVE-2014-10047
In Android prior to 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, when writing the Full Disk Encryption key to crypto engine, information leak could occur.
Qualcomm Sd 400 Firmware -
Qualcomm Sd 800 Firmware -
1 Github repository
4.3
CVSSv3
CVE-2021-4122
It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryptio...
Cryptsetup Project Cryptsetup
NA
CVE-2013-0985
Disk Management in Apple Mac OS X prior to 10.8.4 does not properly authenticate attempts to disable FileVault, which allows local users to cause a denial of service (loss of encryption functionality) via an unspecified command line.
Apple Mac Os X
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.1
6.8
CVSSv3
CVE-2023-24023
Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 up to and including 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injecti...
Bluetooth Bluetooth Core Specification
Microsoft Windows 10 22h2
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 11 23h2
Microsoft Windows Server 2022 23h2
Microsoft Windows 10 21h2
Microsoft Windows 10 1809
Microsoft Windows Server 2019
Microsoft Windows Server 2022
1 Github repository
1 Article
9.8
CVSSv3
CVE-2018-7213
The Password Manager Extension in Abine Blur 7.8.242* prior to 7.8.2428 allows malicious users to bypass the Multi-Factor Authentication and macOS disk-encryption protection mechanisms, and consequently exfiltrate secured data, because the right-click context menu is not secured.
Abine Blur 7.8.2424
6.8
CVSSv3
CVE-2014-2005
Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5.x prior to 5.2.2 does not enforce intended authentication requirements for a resume action from sleep mode, which allows physically proximate malicious users to obtain desktop access by leveraging the absence o...
Sophos Enterprise Console 5.2
Sophos Enterprise Console
Sophos Enterprise Console 5.2.1
Sophos Enterprise Console 5.1
NA
CVE-2013-2599
A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services/java/com/android/server/NativeDaemonConnector.java in Code Aurora Forum (CAF) releases of Android 4.1.x up to and including 4.3.x enables debug logging, which allows malicious users t...
Codeaurora Android-msm 3.10
Codeaurora Android-msm 3.10.28
Codeaurora Android-msm 3.10.30
Codeaurora Android-msm 3.10.38
Codeaurora Android-msm 3.10.40
Codeaurora Android-msm 3.10.45
Codeaurora Android-msm 3.10.47
Codeaurora Android-msm 3.10.49
Codeaurora Android-msm 3.12.10
Codeaurora Android-msm 3.12.12
Codeaurora Android-msm 3.12.19
Codeaurora Android-msm 3.12.21
Codeaurora Android-msm 3.12.26
Codeaurora Android-msm 3.12.4
Codeaurora Android-msm 3.12.6
Codeaurora Android-msm 3.13
Codeaurora Android-msm 3.13.10
Codeaurora Android-msm 3.13.2
Codeaurora Android-msm 3.13.7
Codeaurora Android-msm 3.13.9
Codeaurora Android-msm 3.14
Codeaurora Android-msm 3.10.32
6.8
CVSSv3
CVE-2023-28005
A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows? Secure Boot process in an attempt to execute other attacks to obtain access to the ...
Trendmicro Trend Micro Endpoint Encryption
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »