EUVD-2008-6161

Malware in sbrugna...

CVE-2025-34209

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.862 and Application prior to 20.0.2014 VA and SaaS deployments contain Docker images with the private GPG key and passphrase for the account no‑reply+virtual‑[email protected]. The key is stored in cleartext and the...

CVE-2025-34209 Vasion Print (formerly PrinterLogic) Hardcoded GPG Private Key

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.862 and Application prior to 20.0.2014 VA and SaaS deployments contain Docker images with the private GPG key and passphrase for the account no‑reply+virtual‑[email protected]. The key is stored in cleartext and the...

PT-2025-39879

Name of the Vulnerable Software and Affected Versions Vasion Print versions prior to 22.0.862 Vasion Print Application versions prior to 20.0.2014 Description The Vasion Print Virtual Appliance Host and Application contain Docker images with a private GPG key and its passphrase stored in cleartex...

CVE-2024-53832

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V05.30. The affected devices contain a secure element which is connected via an unencrypted SPI bus. This could allow an attacker with physical access to the SPI bus to observe the password used for the...

Akira Ransomware Bruteforcer

This tool helps decrypt encrypted files from Akira Ransomware Linux/ESXI variant 2024 using a bunch of GPUs...

CVE-2024-11308

The DVC from TRCore encrypts files using a hardcoded key. Attackers can use this key to decrypt the files and restore the original content...

PT-2024-16899 · Trcore · Dvc

Name of the Vulnerable Software and Affected Versions: DVC from TRCore affected versions not specified Description: The issue concerns the use of a hardcoded key for file encryption in the DVC from TRCore. This hardcoded key can be exploited by attackers to decrypt the files and restore their...

PT-2024-21691 · Toshiba · Toshiba Printers

Name of the Vulnerable Software and Affected Versions: Toshiba printers affected versions not specified Description: The issue concerns a shell script in Toshiba printers that uses a hardcoded key for log encryption. An attacker can exploit this by decrypting the encrypted files using the hardcod...

DEBIAN-CVE-2023-28998

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure, and add new...

PT-2023-22075 · Nextcloud +2 · Nextcloud Android App +4

Name of the Vulnerable Software and Affected Versions: Nextcloud Desktop client versions 3.0.0 through 3.8.0 Nextcloud Android app versions 3.13.0 through 3.25.0 Nextcloud iOS app versions 3.0.5 through 4.8.0 Description: A malicious server administrator can gain full access to an end-to-end...

FileCapsule Deluxe Portable and Encrypted Files in Self-Decryption Format created by FileCapsule Deluxe Portable may insecurely load Dynamic Link Libraries

Overview FileCapsule Deluxe Portable is a file encryption software. FileCapsule Deluxe Portable contains the following vulnerabilities. FileCapsule Deluxe Portable insecurely load Dynamic Link Libraries CWE-427 - CVE-2017-2265, CVE-2017-2267, CVE-2017-2269 Encrypted files in self-decryption forma...

CVE-2016-4685

An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue involves the "iTunes Backup" component, which improperly hashes passwords, making it easier to decrypt files...

CVE-2016-4685

An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue involves the "iTunes Backup" component, which improperly hashes passwords, making it easier to decrypt files...

CVE-2008-6191

Conductor.exe in Intrinsic Swimage Encore before 5.0.1.21 contains a hardcoded password, which might allow local users to decrypt certain .bin files. NOTE: it is not clear whether this issue crosses privilege boundaries...

CVE-2007-3528

The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...