CVE-2025-55112

Control-M/Agent, versions 9.0.18–9.0.20 (out-of-support) configured to use a non-default Blowfish encryption implementation rely on a hardcoded key, enabling an attacker with access to network traffic and the key to decrypt traffic between the Control-M/Agent and the Server. Root cause: hardcoded...

CVE-2025-55112 BMC Control-M/Agent hardcoded Blowfish keys

Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions that are configured to use the non-default Blowfish cryptography algorithm use a hardcoded key. An attacker with access to network traffic and to this key could decrypt network traffic between th...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2025-104 (ALASKERNEL-5.10-2025-104)

The version of kernel installed on the remote host is prior to 5.10.242-239.961. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-104 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when cloning...

PT-2025-37942

Name of the Vulnerable Software and Affected Versions: Control-M/Agent versions 9.0.18 through 9.0.20 Description: Out-of-support versions of Control-M/Agent configured to use the non-default Blowfish cryptography algorithm utilize a hardcoded key. An attacker with network access and knowledge of...

BMC Control-M 安全漏洞

BMC Control-M is an application from BMC, Inc. simplifies application and data workflow orchestration locally or as a service. A security vulnerability exists in BMC Control-M versions 9.0.18 through 9.0.20, which stems from the Blowfish encryption algorithm that uses a hard-coded key, and could...

CVE-2025-7970

A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. This could result in data exposure, session hijacking, or full communication compromise...

CVE-2024-45671

IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2024-45671

IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2024-45671 IBM Security Verify Information Queue information disclosure

IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2024-45671 IBM Security Verify Information Queue information disclosure

IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2024-45671

IBM Security Verify Information Queue (ISIQ) versions 10.0.5–10.0.8 use weaker cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. The available connected sources confirm this vulnerability exists in ISIQ and note remediation is to upgrade to the latest ...

EulerOS 2.0 SP12 : shim (EulerOS-SA-2025-2027)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in ...

EulerOS 2.0 SP10 : shim (EulerOS-SA-2025-2086)

According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in...

IBM Security Verify Information Queue 加密问题漏洞

IBM Security Verify Information Queue is an integration product from International Business Machines IBM, Inc. utilizes Kafka technology and a publish/subscribe model to integrate data between IBM Security products. A cryptographic issue vulnerability exists in IBM Security Verify Information Que...

PT-2025-37094

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Information Queue versions 10.0.5 through 10.0.8 Description: IBM Security Verify Information Queue utilizes cryptographic algorithms that are considered weaker than expected, potentially allowing an attacker to decrypt...

Linux Distros Unpatched Vulnerability : CVE-2020-5248

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI before before version 9.4.6 has a vulnerability involving a default encryption key. GLPIKEY is public and is used on every instance. This means anyone can...

EulerOS 2.0 SP12 : shim (EulerOS-SA-2025-2058)

According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2025-2114)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : shim (EulerOS-SA-2025-2114)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in ...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2025-2058)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...