57 matches found
PT-2023-15399 · Ekorccp +1 · Ekorccp +1
Name of the Vulnerable Software and Affected Versions: ekorCCP and ekorRCI affected versions not specified Description: The issue allows an attacker with access to the network where the device is located to decrypt the credentials of privileged users, and subsequently gain access to the system to...
SUSE CVE-2016-6606
An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...
CVE-2022-43460
Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a recoverable format. If an attacker obtains a configuration file of Driver Distributor, the encrypted administrator's credentials may be decrypted...
LS ELECTRIC PLC 和 XG5000 加密问题漏洞
LS ELECTRIC PLC is a programmable logic controller from LS ELECTRIC, a South Korean company. LS ELECTRIC PLC and XG5000 are vulnerable to an encryption issue that could be exploited by an attacker to decrypt credentials and gain full access to the affected programmable logic controller PLC...
CVE-2021-4161
CVE-2021-4161 affects MOXA MGate MB3180/MB3280/MB3480 Series Protocol Gateways. Vulnerable firmware versions include MB3180 (≤2.2), MB3280 (≤4.1), and MB3480 (≤3.2). The flaw allows cleartext transmission of sensitive information, enabling an attacker to sniff traffic and decrypt login credential...
Vulnerability found in Moxa MGate
A vulnerability has been found in Moxa MGate. The vulnerability allows an unauthenticated remote malicious person to obtain obtain sensitive data. The vulnerable Moxa MGate series have vulnerable firmware that makes it possible for an attacker to intercept the traffic and then decrypt the login...
Moxa MGate 多款产品安全漏洞
MOXA Moxa MGate MB3280 and Moxa MGate MB3480 are both products of MOXA Corporation, Taiwan, China.Moxa MGate MB3280 is a MB3280 series Ethernet gateway product.Moxa MGate MB3480 is a MB3480 series Ethernet gateway product. A security vulnerability exists in the Moxa MGate MB3180/MB3280/MB3480...
CVE-2021-36234
Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt credentials via unspecified vectors...
New Linux Malware Steals Call Details from VoIP Softswitch Systems
Cybersecurity researchers have discovered an entirely new kind of Linux malware dubbed "CDRThief" that targets voice over IP VoIP softswitches in an attempt to steal phone call metadata. "The primary goal of the malware is to exfiltrate various private data from a compromised softswitch, includin...
IBM Content Navigator Information Disclosure Vulnerability
IBM Content Navigator is a Web client from IBM USA. The product supports searching and processing documents stored in content servers from a Web browser. A security vulnerability exists in IBM Content Navigator version 2.0.3 and 3.0CD, which originates from the program's use of a public key store...
CVE-2018-15753
An issue was discovered in the MensaMax aka com.breustedt.mensamax application 4.3 for Android. The use of a Hard-coded DES Cryptographic Key allows an attacker who decodes the application to decrypt transmitted data such as the login username and password...
Lenovo xClarity Administrator Information Disclosure Vulnerability (CNVD-2018-14351)
Lenovo XClarity Administrator LXCA is a centralized resource management solution from Lenovo, China. The solution supports simplified infrastructure management, faster server response, and improved performance of Lenovo server systems. A security vulnerability exists in the Web API in Lenovo LXCA...
Unspecified Vulnerability in Beckhoff TwinCAT
Beckhoff TwinCAT is a software system consisting of a real-time environment and a real-time system for executing control programs in a development environment for programming, diagnostics and system configuration. A security vulnerability exists in Beckhoff TwinCAT version 3.0, which originates...
IBM Tivoli Identity Manager and Security Identity Manager Information Disclosure Vulnerability (CNVD-2018-08708)
IBM Tivoli Identity Manager and Security Identity Manager are both products of IBM Corporation of the U.S.A. IBM Tivoli Identity Manager is a suite of identity management software used to manage user rights across heterogeneous IT resources.Security Identity Security Identity Manager is an identi...
CVE-2016-2879
IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a local user to obtain and decrypt user credentials. IBM Reference : 1997341...
UBUNTU-CVE-2016-6606
An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...
EMC M&R/ViPR SRM Information Disclosure Vulnerability
EMC M&R Watch4Net is an IT performance management application.EMC ViPR SRM is a storage resource management application. An information disclosure vulnerability exists in EMC M&R versions prior to 6.5u1 and ViPR SRM versions prior to 3.6.1, which could allow a remote attacker to gain access to a...