Vulmon
Recent Vulnerabilities
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
encryption vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-6220
An arbitrary file write vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to inject arbitrary data, which may lead to gaining code execution on vulnerable systems....
1 EDB exploit available
1 Github repository available
5
CVSSv2
CVE-2018-1593
IBM Multi-Cloud Data Encryption (MDE) 2.1 could allow an unauthorized user to manipulate data due to missing file checksums. IBM X-Force ID: 143568....
6.3
CVSSv2
CVE-2015-8150
Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows local users to obtain root access by modifying a batch file....
4
CVSSv2
CVE-2018-10353
A SQL injection information disclosure vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to disclose sensitive information on vulnerable installations due to a flaw in the formChangePass class. Authentication is required to exploit this...
6.8
CVSSv2
CVE-2017-11397
A service DLL preloading vulnerability in Trend Micro Encryption for Email versions 5.6 and below could allow an unauthenticated remote attacker to execute arbitrary code on a vulnerable system....
5
CVSSv2
CVE-2015-8149
The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to cause a denial of service (heap memory corruption and service outage) via crafted requests....
1.9
CVSSv2
CVE-2018-10355
An authentication weakness vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to recover user passwords on vulnerable installations due to a flaw in the DBCrypto class. An attacker must first obtain access to the user database on the target system...
3.5
CVSSv2
CVE-2018-0208
A vulnerability in the web-based management interface of the (cloud based) Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service....
1 Github repository available
5.8
CVSSv2
CVE-2015-8151
Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access....
5.5
CVSSv2
CVE-2020-8897
A weak robustness vulnerability exists in the AWS Encryption SDKs for Java, Python, C and Javalcript prior to versions 2.0.0. Due to the non-committing property of AES-GCM (and other AEAD ciphers such as AES-GCM-SIV or (X)ChaCha20Poly1305) used by the SDKs to encrypt messages,...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
enviragallery
CVE-2020-27368
CVE-2021-23926
injection
envira gallery
CVE-2020-6207
CVE-2021-21242
unspecified
CVE-2021-24122
CVE-2021-0212
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »
Vulmon