Ceragon FibeAir IP-10 have a default SSH public key in the authorized_keys file for the mateidu…

During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can …

The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes it easier for man-in-the-m…

A vulnerability in Cisco Unified Communications Domain Manager could allow an unauthenticated, …

Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vect…

The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number fo…

A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur befo…

In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not…

An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. The "getprivkeybyid" API call …

GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an o…

D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive…

Ansible before 1.2.1 makes it easier for remote attackers to conduct man-in-the-middle attacks …

The pstm_reverse function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial o…

An issue was discovered in OPC UA .NET Standard Stack and Sample Code before GitHub commit 2018…

A side-channel issue was discovered in Botan before 2.9.0. An attacker capable of precisely mea…

NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system…

Mailvelope prior to 3.3.0 does not require user interaction to import public keys shown on web …

Zend Framework before 2.4.9, zend-framework/zend-crypt 2.4.x before 2.4.9, and 2.5.x before 2.5…

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile …

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and …

A vulnerability in the implementation of Traffic Flow Confidentiality (TFC) over IPsec function…

Juju Core's Joyent provider before version 1.25.5 uploads the user's private ssh key.

authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on b…

Persistent platform private key may not be protected with a random IV leading to a potential “t…

In macOS High Sierra before 10.13.2, a logic issue existed in APFS when deleting keys during hi…

Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow a…

A vulnerability has been found in PerfreeBlog 4.0.11 and classified as problematic. This vulner…

A security vulnerability has been detected in actiontech sqle up to 4.2511.0. The impacted elem…

The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attacke…

A flaw has been found in code-projects Hospital Management System 1.0. Affected is the function…

A security flaw has been discovered in getmaxun maxun up to 0.0.28. Impacted is an unknown func…

A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as probl…

A vulnerability was found in TRENDnet TN-200 1.02b02. It has been declared as problematic. This…

A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this…

OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not …

A security flaw has been discovered in CouchCMS up to 2.4. Affected is an unknown function of t…

A vulnerability was determined in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this issue is…

A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to …

A vulnerability was found in FastCMS 0.1.5. It has been declared as critical. This vulnerabilit…

A vulnerability was identified in CRMEB up to 5.6.1. This affects an unknown function of the co…