Lucene search
K

66 matches found

OSV
OSV
added 2019/01/15 9:29 p.m.3 views

CVE-2019-0030

Juniper ATP uses DES and a hardcoded salt for password hashing, allowing for trivial de-hashing of the password file contents. This issue affects Juniper ATP 5.0 versions prior to 5.0.3...

7.2CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2018/10/02 6:29 p.m.3 views

CVE-2018-15753

An issue was discovered in the MensaMax aka com.breustedt.mensamax application 4.3 for Android. The use of a Hard-coded DES Cryptographic Key allows an attacker who decodes the application to decrypt transmitted data such as the login username and password...

7.5CVSS5.8AI score0.01326EPSS
Exploits2References2
BDU FSTEC
BDU FSTEC
added 2018/03/16 12:0 a.m.5 views

The vulnerability of microprogramming software in media devices from Valve’s Steam Link, related to the reduction of passwords to 8 characters, allows attackers to gain access to the device with root privileges.

The vulnerability of microprogramming software in media devices from Valve’s Steam Link stems from the fact that the password for the root account is shortened to 8 characters due to the use of the cryptographic protocol DES. Exploiting this vulnerability allows a malicious actor to gain access t...

10CVSS5.5AI score0.016EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2017/12/27 5:8 p.m.6 views

CVE-2017-17878

An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters are truncated because of the default use of DES aka the CONFIGFEATUREDEFAULTPASSWDALGO="des" setting...

9.8CVSS5.8AI score0.016EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2017/11/16 7:27 p.m.4 views

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...

7.5CVSS6.8AI score0.95707EPSS
Exploits7References7
RedHat Linux
RedHat Linux
added 2017/11/16 7:10 p.m.10 views

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...

7.5CVSS6.8AI score0.95707EPSS
Exploits7References7
RedHat Linux
RedHat Linux
added 2017/11/02 7:15 p.m.7 views

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...

7.5CVSS6.8AI score0.95707EPSS
Exploits7References7
OSV
OSV
added 2017/10/29 5:29 p.m.2 views

CVE-2017-15998

In the "NQ Contacts Backup & Restore" application 1.1 for Android, DES encryption with a static key is used to secure transmitted contact data. This makes it easier for remote attackers to obtain cleartext information by sniffing the network...

7.5CVSS5.8AI score0.00509EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2017/09/13 4:49 p.m.3 views

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...

7.5CVSS6.8AI score0.95707EPSS
Exploits7References7
RedHat Linux
RedHat Linux
added 2017/09/13 4:48 p.m.6 views

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...

7.5CVSS6.8AI score0.95707EPSS
Exploits7References7
RedHat Linux
RedHat Linux
added 2017/05/09 4:41 p.m.6 views

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...

7.5CVSS6.8AI score0.95707EPSS
Exploits7References7
OSV
OSV
added 2017/04/27 4:47 p.m.10 views

USN-3270-1 nss vulnerabilities

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update causes NSS to limit use of the same symmetric key...

9.8CVSS7AI score0.95707EPSS
Exploits7References3
BDU FSTEC
BDU FSTEC
added 2017/04/20 12:0 a.m.9 views

The vulnerability of the iOS operating system, which allows a hacker to bypass cryptographic security measures

The vulnerability of the iOS operating system’s Profiles component is related to insufficient encryption strength. Exploiting this vulnerability allows a malicious actor to infiltrate the vulnerable Simple Certificate Enrollment Protocol SCEP component and circumvent cryptographic security measur...

5CVSS7.2AI score0.00726EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/04/02 1:59 a.m.5 views

CVE-2017-2380

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the Simple Certificate Enrollment Protocol SCEP implementation in the "Profiles" component. It allows remote attackers to bypass cryptographic protection mechanisms by leveraging DES support...

7.5CVSS5.8AI score0.00726EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2017/03/08 1:22 p.m.11 views

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...

7.5CVSS6.8AI score0.95707EPSS
Exploits7References7
RedHat Linux
RedHat Linux
added 2017/02/28 8:29 a.m.3 views

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...

7.5CVSS6.8AI score0.95707EPSS
Exploits7References7
RedHat Linux
RedHat Linux
added 2017/02/28 8:19 a.m.21 views

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...

7.5CVSS6.8AI score0.95707EPSS
Exploits7References7
RedHat Linux
RedHat Linux
added 2017/02/28 8:19 a.m.10 views

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...

7.5CVSS6.8AI score0.95707EPSS
Exploits7References7
OSV
OSV
added 2016/12/16 9:59 a.m.4 views

DEBIAN-CVE-2013-1430

An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file /.vnc/sesman$usernamepasswd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a known key...

9.8CVSS9.4AI score0.01326EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/09/27 1:46 p.m.12 views

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...

7.5CVSS6.8AI score0.95707EPSS
Exploits7References7
Rows per page
Query Builder