Total
105 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-10896 | 1 Canonical | 1 Cloud-init | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0", disabling cloud-init's deletion of ssh host keys. In some environments, this could lead to instances created by cloning a golden master or template system, sharing ssh host keys, and being able to impersonate one another or conduct man-in-the-middle attacks. | |||||
| CVE-2024-11308 | 1 Trcore | 1 Dvc | 2024-11-20 | N/A | 5.5 MEDIUM |
| The DVC from TRCore encrypts files using a hardcoded key. Attackers can use this key to decrypt the files and restore the original content. | |||||
| CVE-2024-46889 | 1 Siemens | 1 Sinec Ins | 2024-11-13 | N/A | 5.3 MEDIUM |
| A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryptographic key material to obfuscate configuration files. This could allow an attacker to learn that cryptographic key material through reverse engineering of the application binary and decrypt arbitrary backup files. | |||||
| CVE-2024-42418 | 1 Avtecinc | 3 Outpost 0810, Outpost 0810 Firmware, Outpost Uploader Utility | 2024-09-04 | N/A | 7.5 HIGH |
| Avtec Outpost uses a default cryptographic key that can be used to decrypt sensitive information. | |||||
| CVE-2024-41260 | 2024-08-06 | N/A | 7.5 HIGH | ||
| A static initialization vector (IV) in the encrypt function of netbird v0.28.4 allows attackers to obtain sensitive information. | |||||