Vulnerabilities (CVE)

Filtered by CWE-326
Total 429 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-27208 2 Nitrokey, Solokeys 6 Fido2, Fido2 Firmware, Solo and 3 more 2024-11-21 4.6 MEDIUM 6.8 MEDIUM
The flash read-out protection (RDP) level is not enforced during the device initialization phase of the SoloKeys Solo 4.0.0 & Somu and the Nitrokey FIDO2 token. This allows an adversary to downgrade the RDP level and access secrets such as private ECC keys from SRAM via the debug interface.
CVE-2020-27181 1 Konzept-ix 1 Publixone 2024-11-21 6.4 MEDIUM 6.5 MEDIUM
A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020.015 allows attackers to craft password-reset tokens or decrypt server-side configuration files.
CVE-2020-27020 1 Kaspersky 1 Password Manager 2024-11-21 5.0 MEDIUM 7.5 HIGH
Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information (for example, time of password generation).
CVE-2020-26552 1 Aviatrix 1 Controller 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Aviatrix Controller before R6.0.2483. Multiple executable files, that implement API endpoints, do not require a valid session ID for access.
CVE-2020-26263 1 Tlslite-ng Project 1 Tlslite-ng 2024-11-21 5.0 MEDIUM 7.5 HIGH
tlslite-ng is an open source python library that implements SSL and TLS cryptographic protocols. In tlslite-ng before versions 0.7.6 and 0.8.0-alpha39, the code that performs decryption and padding check in RSA PKCS#1 v1.5 decryption is data dependant. In particular, the code has multiple ways in which it leaks information about the decrypted ciphertext. It aborts as soon as the plaintext doesn't start with 0x00, 0x02. All TLS servers that enable RSA key exchange as well as applications that use the RSA decryption API directly are vulnerable. This is patched in versions 0.7.6 and 0.8.0-alpha39. Note: the patches depend on Python processing the individual bytes in side-channel free manner, this is known to not the case (see reference). As such, users that require side-channel resistance are recommended to use different TLS implementations, as stated in the security policy of tlslite-ng.
CVE-2020-26107 1 Cpanel 1 Cpanel 2024-11-21 5.0 MEDIUM 7.5 HIGH
cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561).
CVE-2020-25685 4 Arista, Debian, Fedoraproject and 1 more 4 Eos, Debian Linux, Fedora and 1 more 2024-11-21 4.3 MEDIUM 3.7 LOW
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity.
CVE-2020-24925 1 Elkarbackup 1 Elkarbackup 2024-11-21 3.5 LOW 7.5 HIGH
A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker is able to view the path of the source code jobs/sort where entire source code path is displayed in the browser itself helping the attacker identify the code structure /app/elkarbackup/src/Binovo/ElkarBackupBundle/Controller/DefaultController.php
CVE-2020-20949 2 Ietf, St 22 Public Key Cryptography Standards \#1, Stm32cubef0, Stm32cubef1 and 19 more 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 cryptographic firmware library software expansion for STM32Cube (UM1924). The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the vulnerable library, resulting in remote information disclosure.
CVE-2020-1982 1 Paloaltonetworks 1 Pan-os 2024-11-21 5.8 MEDIUM 4.8 MEDIUM
Certain communication between PAN-OS and cloud-delivered services inadvertently use TLS 1.0, which is known to be a cryptographically weak protocol. These cloud services include Cortex Data Lake, the Customer Support Portal, and the Prisma Access infrastructure. Conditions required for exploitation of known TLS 1.0 weaknesses do not exist for the communication between PAN-OS and cloud-delivered services. We do not believe that any communication is impacted as a result of known attacks against TLS 1.0. This issue impacts: All versions of PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.14; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3. PAN-OS 7.1 is not impacted by this issue.
CVE-2020-18220 1 Html-js 1 Doracms 2024-11-21 5.0 MEDIUM 7.5 HIGH
Weak Encoding for Password in DoraCMS v2.1.1 and earlier allows attackers to obtain sensitive information as it does not use a random salt or IV for its AES-CBC encryption, causes password encrypted for users to be susceptible to dictionary attacks.
CVE-2020-16235 1 Emerson 1 Openenterprise Scada Server 2024-11-21 2.1 LOW 3.8 LOW
Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through version 3.3.5, to access field devices and external systems to be obtained.
CVE-2020-15387 1 Broadcom 2 Brocade Sannav, Fabric Operating System 2024-11-21 5.8 MEDIUM 7.4 HIGH
The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications.
CVE-2020-13785 1 Dlink 2 Dir-865l, Dir-865l Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
D-Link DIR-865L Ax 1.20B01 Beta devices have Inadequate Encryption Strength.
CVE-2020-12872 1 Yaws 1 Yaws 2024-11-21 2.1 LOW 5.5 MEDIUM
yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks, if running on an Erlang/OTP virtual machine with a version less than 21.0.
CVE-2020-12714 1 Ciphermail 2 Gateway, Webmail Messenger 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
An issue was discovered in CipherMail Community Gateway Virtual Appliances and Professional/Enterprise Gateway Virtual Appliances versions 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger Virtual Appliances 1.1.1 through 3.1.1-0. A Diffie-Hellman parameter of insufficient size could allow man-in-the-middle compromise of communications between CipherMail products and external SMTP clients.
CVE-2020-12702 1 Coolkit 1 Ewelink 2024-11-21 2.1 LOW 4.6 MEDIUM
Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier) allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during the pairing process.
CVE-2020-11735 1 Wolfssl 1 Wolfssl 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a "projective coordinates leak."
CVE-2020-11719 1 Bilanc 1 Bilanc 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. It relies on broken encryption with a weak and guessable static encryption key.
CVE-2020-11684 1 Linux4sam 1 At91bootstrap 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
AT91bootstrap before 3.9.2 does not properly wipe encryption and authentication keys from memory before passing control to a less privileged software component. This can be exploited to disclose these keys and subsequently encrypt and sign the next boot stage (such as the bootloader).