Apple Mac OS X Multiple Vulnerabilities -05 (Sep 2014)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenSSL: Multiple Vulnerabilities

Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced...

openssl: uninitialized SSL 3.0 padding

The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer...

DSA-2454-2 openssl - incomplete fix

Bulletin has no description...

Information disclosure

The implementation of Cryptographic Message Syntax CMS and PKCS 7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack MMA adaptive chosen ciphertext...

RSA Key Manager SQL injection

SQL injection during data decryption...

CVE-2010-2011

Microsoft Dynamics GP uses a substitution cipher to encrypt the system password field and unspecified other fields, which makes it easier for remote authenticated users to obtain sensitive information by decrypting a field's contents...

Research Finds Crystal Material For Chip Security

Researchers at Florida State University have discovered crystals that could lead to super security chips. The security chips could store encrypted data written two different ways — electrically and magnetically — making extraction of the data more complex and so more difficult for attackers to...

DotNetNuke 4.8.1 - Default ValidationKey and DecriptionKey Weak Encryption

DotNetNuke 4.8.1 - Default ValidationKey and DecriptionKey Weak Encryption source: https://www.securityfocus.com/bid/28391/info DotNetNuke is prone to a weak encryption vulnerability. An attacker can exploit this issue to decrypt sensitive data. Information obtained may lead to further attacks...

CVE-2005-4002

WebEOC before 6.0.2 uses the same secret key for all installations, which allows attackers with the key to decrypt data from any WebEOC installation...

CVE-2004-0351

Spider Sales shopping cart stores the private key in the same database and table as the public key, which allows local users with access to the database to decrypt data...

CVE-2004-0351

The CVE-2004-0351 issue concerns Spider Sales shopping cart, where the private key is stored in the same database/table as the public key. This design enables local users with database access to decrypt data, affecting confidentiality (partial). The available sources describe the vulnerable behav...

CVE-2003-1392

CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data...

Computer Associates - Unicenter Asset Manager Stored Secret Data Decryption

source: https://www.securityfocus.com/bid/7808/info It has been reported that Unicenter Asset Manager stores password information in a way that may be easily recovered. Because of this, an attacker may be able to gain access to potentially sensitive resources. !/usr/bin/perl...

CVE-2000-0678

PGP 5.5.x through 6.5.3 does not properly check if an Additional Decryption Key ADK is stored in the signed portion of a public certificate, which allows an attacker who can modify a victim's public certificate to decrypt any data that has been encrypted with the modified certificate...

PT-2014-1693

Name of the Vulnerable Software and Affected Versions OpenSSL versions prior to 1.0.1i OpenSSL through 1.0.1i PAN-OS versions 6.1.1 and earlier PAN-OS versions 6.0.7 and earlier PAN-OS versions 5.1.x and 5.0.x EOS versions 4.12.0 through 4.12.7.1 EOS versions 4.13.0 through 4.13.6 Apple mac os x...