Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
disk encryption vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2402
The vulnerability in the driver dlpfde.sys enables a user logged into the system to perform system calls leading to kernel stack overflow, resulting in a system crash, for instance, a BSOD.
Eset Full Disk Encryption
Eset Endpoint Encryption
4.6
CVSSv2
CVE-2018-20341
WINMAGIC SecureDoc Disk Encryption software prior to 8.3 has an Unquoted Service Path vulnerability, which could allow an malicious user to execute arbitrary code on a target system. If the executable is enclosed in quote tags "" then the system will know where to find ...
Winmagic Securedoc Disk Encryption
6.9
CVSSv2
CVE-2011-5117
Sophos SafeGuard Enterprise Device Encryption 5.x up to and including 5.50.8.13, Sophos SafeGuard Easy Device Encryption Client 5.50.x, and Sophos Disk Encryption 5.50.x have a delay before removal of (1) out-of-date credentials and (2) invalid credentials, which allows physicall...
Sophos Safeguard Enterprise Device Encryption 5.50.8
Sophos Safeguard Enterprise Device Encryption 5.50.0
Sophos Safeguard Enterprise Device Encryption 5.40.0
Sophos Safeguard Enterprise Device Encryption 5.35.3
Sophos Safeguard Enterprise Device Encryption 5.35.2
Sophos Safeguard Enterprise Device Encryption 5.35.1
Sophos Safeguard Enterprise Device Encryption 5.6
Sophos Safeguard Enterprise Device Encryption 5.50.1
Sophos Safeguard Enterprise Device Encryption 5.35.0
Sophos Safeguard Easy Device Encryption Client 5.50.1
Sophos Safeguard Easy Device Encryption Client 5.50.8
Sophos Safeguard Easy Device Encryption Client 5.50.0
Sophos Disk Encryption 5.50.0
Sophos Disk Encryption 5.50.1
Sophos Disk Encryption 5.50.8
4.6
CVSSv2
CVE-2020-26200
A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. This component is incorporated in Kaspersky Rescue Disk (KRD) and was trusted by the Authentication Agent of Full Disk Encryption in Kaspersky En...
Kaspersky Endpoint Security 10
Kaspersky Endpoint Security 11.0.0
Kaspersky Endpoint Security 11.0.1
Kaspersky Endpoint Security 11.1.0
Kaspersky Rescue Disk
5.9
CVSSv2
CVE-2009-3200
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 create an undocumented recovery key and store it in the ENCK variable in flash memory, which allows local users to bypass the passphrase requirement and decrypt the hard drive by reading this ...
Qnap Ts-239 Pro Turbo Nas 2.1.7 0613
Qnap Ts-239 Pro Turbo Nas 3.1.0 0627
Qnap Ts-639 Pro Turbo Nas 3.1.0 0627
Qnap Ts-639 Pro Turbo Nas 3.1.1 0815
Qnap Ts-239 Pro Turbo Nas 3.1.1 0815
Qnap Ts-639 Pro Turbo Nas 2.1.7 0613
4.4
CVSSv2
CVE-2017-3226
Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption (i.e., setting the configuration parameter CONFIG_ENV_AES=y) read environment variables...
Denx U-boot
5
CVSSv2
CVE-2018-7213
The Password Manager Extension in Abine Blur 7.8.242* prior to 7.8.2428 allows malicious users to bypass the Multi-Factor Authentication and macOS disk-encryption protection mechanisms, and consequently exfiltrate secured data, because the right-click context menu is not secured.
Abine Blur 7.8.2424
5
CVSSv2
CVE-2019-13179
Calamares versions 3.1 up to and including 3.2.10 copies a LUKS encryption keyfile from /crypto_keyfile.bin (mode 0600 owned by root) to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user,...
Calamares Calamares
5
CVSSv2
CVE-2019-6481
Abine Blur 7.8.2431 allows remote malicious users to conduct "Second-Factor Auth Bypass" attacks by using the "Perform a right-click operation to access a forgotten dev menu to insert user passwords that otherwise would require the user to accept a second-factor re...
Abine Blur 7.8.2431
2.1
CVSSv2
CVE-2019-1586
A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, local attacker with physical access to obtain sensitive information from an affected device. The vulnerability is due to insecure removal of cleartext encryption ...
Cisco Application Policy Infrastructure Controller 4.1\\(0.90a\\)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »