Export limit exceeded: 357822 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (1686 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-5137 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2024-11-21 | 7.5 High |
| The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13. | ||||
| CVE-2019-5135 | 1 Wago | 4 Pfc100, Pfc100 Firmware, Pfc200 and 1 more | 2024-11-21 | 5.3 Medium |
| An exploitable timing discrepancy vulnerability exists in the authentication functionality of the Web-Based Management (WBM) web application on WAGO PFC100/200 controllers. The WBM application makes use of the PHP crypt() function which can be exploited to disclose hashed user credentials. This affects WAGO PFC200 Firmware version 03.00.39(12) and version 03.01.07(13), and WAGO PFC100 Firmware version 03.00.39(12). | ||||
| CVE-2019-5035 | 1 Google | 2 Nest Cam Iq, Nest Cam Iq Indoor Firmware | 2024-11-21 | 9.0 Critical |
| An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted weave packets can brute force a pairing code, resulting in greater Weave access and potentially full device control. An attacker can send specially crafted packets to trigger this vulnerability. | ||||
| CVE-2019-4639 | 1 Ibm | 1 Security Secret Server | 2024-11-21 | 7.5 High |
| IBM Security Secret Server 10.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 170045. | ||||
| CVE-2019-4609 | 1 Ibm | 1 Api Connect | 2024-11-21 | 7.5 High |
| IBM API Connect 2018.4.1.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 168510. | ||||
| CVE-2019-4557 | 1 Ibm | 1 Qradar Advisor | 2024-11-21 | 7.5 High |
| IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 166206. | ||||
| CVE-2019-4553 | 1 Ibm | 1 Api Connect | 2024-11-21 | 7.5 High |
| IBM API Connect V5.0.0.0 through 5.0.8.7iFix3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165958. | ||||
| CVE-2019-4540 | 1 Ibm | 1 Security Directory Server | 2024-11-21 | 7.5 High |
| IBM Security Directory Server 6.4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165813. | ||||
| CVE-2019-4427 | 2 Ibm, Microsoft | 2 Cloud Cli, Windows | 2024-11-21 | 7.5 High |
| IBM Cloud CLI 0.6.0 through 0.16.1 windows installers are signed using SHA1 certificate. An attacker might be able to exploit the weak algorithm to generate a installer with malicious software inside. IBM X-Force ID: 162773. | ||||
| CVE-2019-4399 | 1 Ibm | 1 Cloud Orchestrator | 2024-11-21 | 7.5 High |
| IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 162260. | ||||
| CVE-2019-4339 | 1 Ibm | 1 Security Guardium Big Data Intelligence | 2024-11-21 | 7.5 High |
| IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 161418. | ||||
| CVE-2019-4325 | 1 Hcltech | 1 Appscan | 2024-11-21 | 5.3 Medium |
| "HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details." | ||||
| CVE-2019-4291 | 1 Ibm | 1 Maximo Anywhere | 2024-11-21 | 6.5 Medium |
| IBM Maximo Anywhere 7.6.4.0 could allow an attacker to reverse engineer the application due to the lack of binary protection precautions. IBM X-Force ID: 160697. | ||||
| CVE-2019-4256 | 1 Ibm | 1 Api Connect | 2024-11-21 | 7.5 High |
| IBM API Connect 5.0.0.0 through 5.0.8.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 159944. | ||||
| CVE-2019-4175 | 1 Ibm | 1 Cognos Controller | 2024-11-21 | 7.5 High |
| IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158880. | ||||
| CVE-2019-4156 | 1 Ibm | 1 Security Access Manager | 2024-11-21 | 5.9 Medium |
| IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158572. | ||||
| CVE-2019-4151 | 1 Ibm | 1 Security Access Manager | 2024-11-21 | 5.9 Medium |
| IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158512. | ||||
| CVE-2019-4102 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Db2 and 3 more | 2024-11-21 | 5.9 Medium |
| IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158092. | ||||
| CVE-2019-3818 | 2 Kube-rbac-proxy Project, Redhat | 3 Kube-rbac-proxy, Openshift, Openshift Container Platform | 2024-11-21 | 7.5 High |
| The kube-rbac-proxy container before version 0.4.1 as used in Red Hat OpenShift Container Platform does not honor TLS configurations, allowing for use of insecure ciphers and TLS 1.0. An attacker could target traffic sent over a TLS connection with a weak configuration and potentially break the encryption. | ||||
| CVE-2019-3790 | 1 Pivotal Software | 1 Operations Manager | 2024-11-21 | N/A |
| The Pivotal Ops Manager, 2.2.x versions prior to 2.2.23, 2.3.x versions prior to 2.3.16, 2.4.x versions prior to 2.4.11, and 2.5.x versions prior to 2.5.3, contain configuration that circumvents refresh token expiration. A remote authenticated user can gain access to a browser session that was supposed to have expired, and access Ops Manager resources. | ||||