Lucene search
K

57 matches found

Positive Technologies
Positive Technologies
added 2023/09/19 12:0 a.m.4 views

PT-2023-15399 · Ekorccp +1 · Ekorccp +1

Name of the Vulnerable Software and Affected Versions: ekorCCP and ekorRCI affected versions not specified Description: The issue allows an attacker with access to the network where the device is located to decrypt the credentials of privileged users, and subsequently gain access to the system to...

6.1CVSS7AI score0.00115EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:59 a.m.5 views

SUSE CVE-2016-6606

An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...

8.1CVSS6.9AI score0.01386EPSS
Exploits0References4
OSV
OSV
added 2023/02/13 2:21 a.m.2 views

CVE-2022-43460

Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a recoverable format. If an attacker obtains a configuration file of Driver Distributor, the encrypted administrator's credentials may be decrypted...

7.5CVSS5.7AI score
Exploits0References2
CNNVD
CNNVD
added 2022/08/16 12:0 a.m.5 views

LS ELECTRIC PLC 和 XG5000 加密问题漏洞

LS ELECTRIC PLC is a programmable logic controller from LS ELECTRIC, a South Korean company. LS ELECTRIC PLC and XG5000 are vulnerable to an encryption issue that could be exploited by an attacker to decrypt credentials and gain full access to the affected programmable logic controller PLC...

6.5CVSS6.9AI score0.00312EPSS
Exploits0References4
CVE
CVE
added 2021/12/27 6:48 p.m.77 views

CVE-2021-4161

CVE-2021-4161 affects MOXA MGate MB3180/MB3280/MB3480 Series Protocol Gateways. Vulnerable firmware versions include MB3180 (≤2.2), MB3280 (≤4.1), and MB3480 (≤3.2). The flaw allows cleartext transmission of sensitive information, enabling an attacker to sniff traffic and decrypt login credential...

9.8CVSS8.7AI score0.00661EPSS
Exploits0References1Affected Software1
NCSC
NCSC
added 2021/12/24 12:0 a.m.39 views

Vulnerability found in Moxa MGate

A vulnerability has been found in Moxa MGate. The vulnerability allows an unauthenticated remote malicious person to obtain obtain sensitive data. The vulnerable Moxa MGate series have vulnerable firmware that makes it possible for an attacker to intercept the traffic and then decrypt the login...

9CVSS6.6AI score0.01666EPSS
Exploits0
CNNVD
CNNVD
added 2021/12/23 12:0 a.m.4 views

Moxa MGate 多款产品安全漏洞

MOXA Moxa MGate MB3280 and Moxa MGate MB3480 are both products of MOXA Corporation, Taiwan, China.Moxa MGate MB3280 is a MB3280 series Ethernet gateway product.Moxa MGate MB3480 is a MB3480 series Ethernet gateway product. A security vulnerability exists in the Moxa MGate MB3180/MB3280/MB3480...

9.8CVSS7.4AI score0.00661EPSS
Exploits0References5
Cvelist
Cvelist
added 2021/08/31 5:45 p.m.13 views

CVE-2021-36234

Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt credentials via unspecified vectors...

5.6AI score0.00319EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2020/09/11 12:5 p.m.4 views

New Linux Malware Steals Call Details from VoIP Softswitch Systems

Cybersecurity researchers have discovered an entirely new kind of Linux malware dubbed "CDRThief" that targets voice over IP VoIP softswitches in an attempt to steal phone call metadata. "The primary goal of the malware is to exfiltrate various private data from a compromised softswitch, includin...

5.8AI score
Exploits0
CNVD
CNVD
added 2019/02/27 12:0 a.m.2 views

IBM Content Navigator Information Disclosure Vulnerability

IBM Content Navigator is a Web client from IBM USA. The product supports searching and processing documents stored in content servers from a Web browser. A security vulnerability exists in IBM Content Navigator version 2.0.3 and 3.0CD, which originates from the program's use of a public key store...

6.8AI score
Exploits0References1
OSV
OSV
added 2018/10/02 6:29 p.m.3 views

CVE-2018-15753

An issue was discovered in the MensaMax aka com.breustedt.mensamax application 4.3 for Android. The use of a Hard-coded DES Cryptographic Key allows an attacker who decodes the application to decrypt transmitted data such as the login username and password...

7.5CVSS5.8AI score0.01326EPSS
Exploits2References2
CNVD
CNVD
added 2018/07/31 12:0 a.m.4 views

Lenovo xClarity Administrator Information Disclosure Vulnerability (CNVD-2018-14351)

Lenovo XClarity Administrator LXCA is a centralized resource management solution from Lenovo, China. The solution supports simplified infrastructure management, faster server response, and improved performance of Lenovo server systems. A security vulnerability exists in the Web API in Lenovo LXCA...

7.5CVSS7.8AI score0.00462EPSS
Exploits0References1
CNVD
CNVD
added 2018/07/04 12:0 a.m.2 views

Unspecified Vulnerability in Beckhoff TwinCAT

Beckhoff TwinCAT is a software system consisting of a real-time environment and a real-time system for executing control programs in a development environment for programming, diagnostics and system configuration. A security vulnerability exists in Beckhoff TwinCAT version 3.0, which originates...

5.9CVSS6.8AI score0.00423EPSS
Exploits0References1
CNVD
CNVD
added 2018/04/24 12:0 a.m.2 views

IBM Tivoli Identity Manager and Security Identity Manager Information Disclosure Vulnerability (CNVD-2018-08708)

IBM Tivoli Identity Manager and Security Identity Manager are both products of IBM Corporation of the U.S.A. IBM Tivoli Identity Manager is a suite of identity management software used to manage user rights across heterogeneous IT resources.Security Identity Security Identity Manager is an identi...

7.8CVSS6.4AI score0.00351EPSS
Exploits0References1
OSV
OSV
added 2017/03/01 9:59 p.m.5 views

CVE-2016-2879

IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a local user to obtain and decrypt user credentials. IBM Reference : 1997341...

7.8CVSS5.8AI score0.00209EPSS
Exploits0References2
OSV
OSV
added 2016/12/11 2:59 a.m.2 views

UBUNTU-CVE-2016-6606

An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...

8.1CVSS7.3AI score0.01386EPSS
Exploits0References3
CNVD
CNVD
added 2015/01/22 12:0 a.m.2 views

EMC M&R/ViPR SRM Information Disclosure Vulnerability

EMC M&R Watch4Net is an IT performance management application.EMC ViPR SRM is a storage resource management application. An information disclosure vulnerability exists in EMC M&R versions prior to 6.5u1 and ViPR SRM versions prior to 3.6.1, which could allow a remote attacker to gain access to a...

5CVSS6.7AI score0.07647EPSS
Exploits5References1
Rows per page
Query Builder