RSA Key Manager SQL injection

SQL injection during data decryption...

CVE-2010-2011

Microsoft Dynamics GP uses a substitution cipher to encrypt the system password field and unspecified other fields, which makes it easier for remote authenticated users to obtain sensitive information by decrypting a field's contents...

Research Finds Crystal Material For Chip Security

Researchers at Florida State University have discovered crystals that could lead to super security chips. The security chips could store encrypted data written two different ways — electrically and magnetically — making extraction of the data more complex and so more difficult for attackers to...

DotNetNuke 4.8.1 - Default ValidationKey and DecriptionKey Weak Encryption

DotNetNuke 4.8.1 - Default ValidationKey and DecriptionKey Weak Encryption source: https://www.securityfocus.com/bid/28391/info DotNetNuke is prone to a weak encryption vulnerability. An attacker can exploit this issue to decrypt sensitive data. Information obtained may lead to further attacks...

CVE-2005-4002

WebEOC before 6.0.2 uses the same secret key for all installations, which allows attackers with the key to decrypt data from any WebEOC installation...

CVE-2004-0351

The CVE-2004-0351 issue concerns Spider Sales shopping cart, where the private key is stored in the same database/table as the public key. This design enables local users with database access to decrypt data, affecting confidentiality (partial). The available sources describe the vulnerable behav...

CVE-2004-0351

Spider Sales shopping cart stores the private key in the same database and table as the public key, which allows local users with access to the database to decrypt data...

CVE-2003-1392

CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data...

Computer Associates - Unicenter Asset Manager Stored Secret Data Decryption

source: https://www.securityfocus.com/bid/7808/info It has been reported that Unicenter Asset Manager stores password information in a way that may be easily recovered. Because of this, an attacker may be able to gain access to potentially sensitive resources. !/usr/bin/perl...

CVE-2000-0678

PGP 5.5.x through 6.5.3 does not properly check if an Additional Decryption Key ADK is stored in the signed portion of a public certificate, which allows an attacker who can modify a victim's public certificate to decrypt any data that has been encrypted with the modified certificate...

PT-2014-1693

Name of the Vulnerable Software and Affected Versions OpenSSL versions prior to 1.0.1i OpenSSL through 1.0.1i PAN-OS versions 6.1.1 and earlier PAN-OS versions 6.0.7 and earlier PAN-OS versions 5.1.x and 5.0.x EOS versions 4.12.0 through 4.12.7.1 EOS versions 4.13.0 through 4.13.6 Apple mac os x...