EUVD-2023-41772

Malicious code in bioql PyPI...

EUVD-2021-7831

Malicious code in bioql PyPI...

From Quantum Hacks to AI Defenses – Expert Guide to Building Unbreakable Cyber Resilience

Quantum computing and AI working together will bring incredible opportunities. Together, the technologies will help us extend innovation further and faster than ever before. But, imagine the flip side, waking up to news that hackers have used a quantum computer to crack your company's encryption...

CVE-2025-9239

A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STRPARAM with the input Passw0rd...

CVE-2025-9239 elunez eladmin DES Key EncryptUtils.java EncryptUtils inadequate encryption

A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STRPARAM with the input Passw0rd...

DELL CloudLink XML External Entity References Improperly Restricted Vulnerability

DELL CloudLink is a data encryption and key management solution from Dell that is targeted at enterprise-level users and supports public, private and hybrid cloud environments. DELL CloudLink suffers from an improperly restricted XML external entity reference vulnerability that can be exploited b...

PT-2025-34143 · Elunez · Elunez Eladmin

Name of the Vulnerable Software and Affected Versions: elunez eladmin versions prior to 2.8 Description: A vulnerability exists in the EncryptUtils function within the DES Key Handler component of elunez eladmin. Manipulation of the STR PARAM argument with the input Passw0rd results in inadequate...

CVE-2025-33100

IBM Concert Software 1.0.0 through 1.1.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...

CVE-2025-33100

CVE-2025-33100 concerns IBM Concert Software versions 1.0.0–1.1.0 that allegedly contain hard-coded credentials used for inbound authentication, outbound communication, or data encryption. The core issue is a trust/credential hard-coding flaw, which could enable unauthorized access or leakage of ...

Prescriptive Zero Trust- Assessing the Impact of Zero Trust on Cyber Attack Prevention

Increasingly sophisticated and varied cyber threats necessitate ever improving enterprise security postures. For many organizations today, those postures have a foundation in the Zero Trust Architecture. This strategy sees trust as something an enterprise must not give lightly or assume too...

Cyber Risks to Next-Gen Brain-Computer Interfaces: Analysis and Recommendations

Brain-computer interfaces BCIs show enormous potential for advancing personalized medicine. However, BCIs also introduce new avenues for cyber-attacks or security compromises. In this article, we analyze the problem and make recommendations for device manufacturers to better secure devices and to...

Dell CloudLink 代码问题漏洞

DELL CloudLink is a data encryption and key management solution from Dell that is targeted at enterprise-level users and supports public, private and hybrid cloud environments. DELL CloudLink suffers from an improperly restricted XML external entity reference vulnerability that can be exploited b...

Broadcom Symantec PGP Encryption 安全漏洞

Broadcom Symantec PGP Encryption is a data encryption software from Broadcom Corporation USA. A security vulnerability exists in Broadcom Symantec PGP Encryption that stems from an improper assignment of privileges, which could result in elevated privileges...

Broadcom Symantec PGP Encryption 安全漏洞

Broadcom Symantec PGP Encryption is a data encryption software from Broadcom, Inc. A security vulnerability exists in Broadcom Symantec PGP Encryption that originates from the server not properly validating or encoding user input data, which could lead to a stored cross-site scripting attack...

CVE-2025-40680

Lack of sensitive data encryption in CapillaryScope v2.5.0 of Capillary io, which stores both the proxy credentials and the JWT session token in plain text within different registry keys on the Windows operating system. Any authenticated local user with read access to the registry can extract the...

CVE-2025-40680 Encryption of sensitive data in CapillaryScope missing

Lack of sensitive data encryption in CapillaryScope v2.5.0 of Capillary io, which stores both the proxy credentials and the JWT session token in plain text within different registry keys on the Windows operating system. Any authenticated local user with read access to the registry can extract the...

PT-2025-30662 · Microsoft +1 · Windows +1

Name of the Vulnerable Software and Affected Versions: CapillaryScope version 2.5.0 Description: The software lacks sensitive data encryption, storing proxy credentials and the JWT session token in plain text within Windows registry keys. Any authenticated local user with read access to the...

PT-2025-30495 · Duracomm · Duracomm Spm-500 Dp-10In-100-Mu

Name of the Vulnerable Software and Affected Versions: DuraComm SPM-500 DP-10iN-100-MU affected versions not specified Description: The device transmits sensitive data without encryption, potentially allowing attackers to intercept it. Recommendations: At the moment, there is no information about...

Secure Your Data with Automated Local Compute Disk & Block Storage Volume Encryption

...

CVE-2024-49783 IBM OpenPages with Watson information disclosure

IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data, they could exploit this vulnerability t...