• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-327

CVE-2018-16806

February 26, 2023 by

A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and possibly other vehicles, relies on the DST40 cipher, which makes it easier for attackers to obtain access via an approach involving a 5.4 TB precomputation, followed by wake-frame reception and two challenge/response operations, to clone a key fob within a few seconds.

CVE-2018-15355

February 26, 2023 by

Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware 3.5.30.1118.

CVE-2018-1428

February 26, 2023 by

IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 139073.

CVE-2018-12420

February 26, 2023 by

IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request.

CVE-2018-11209

February 26, 2023 by

** DISPUTED ** An issue was discovered in Z-BlogPHP 2.0.0. zb_system/cmd.php?act=verify relies on MD5 for the password parameter, which might make it easier for attackers to bypass intended access restrictions via a dictionary or rainbow-table attack. NOTE: the vendor declined to accept this as a valid issue.

CVE-2018-11069

February 26, 2023 by

RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. A remote attacker may be able to recover a RSA key.

  • « Go to Previous Page
  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to page 4
  • Go to page 5
  • Go to page 6
  • Interim pages omitted …
  • Go to page 51
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE