DELL Wyse Management Suite Encryption Issue Vulnerability

DELL Wyse Management Suite is Dell's hybrid cloud security management solution for Wyse thin client devices, designed to simplify IT management processes and enhance device security. DELL Wyse Management Suite has an encryption issue vulnerability that stems from the program's support for the...

GitLab 加密问题漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. An encryption issue vulnerability exists in GitLab 11.6+, assuming that the...

CVE-2021-3774 Meross MSS550X Missing Encryption of Sensitive Data

Meross Smart Wi-Fi 2 Way Wall Switch MSS550X, on its 3.1.3 version and before, creates an open Wi-Fi Access Point without the required security measures in its initial setup. This could allow a remote attacker to obtain the Wi-Fi SSID as well as the password configured by the user from Meross app...

IR615 Router encryption problem vulnerability

The IR615 Router is a 4G industrial router from Rimu Technologies, China. IR615 Router is vulnerable to an encryption issue that could be exploited by attackers to intercept communications and steal sensitive information or hijack sessions...

IBM Cloud Pak for Security Encryption Issue Vulnerability

IBM Cloud Pak for Security CP4S is an open security platform from IBM that connects to your existing data sources, generates deeper insights, and enables you to act faster with automation. IBM Cloud Pak for Security CP4S suffers from an encryption issue vulnerability in versions 1.7.0.0, 1.7.1.0,...

IR615 Router 加密问题漏洞

The IR615 Router is a 4G industrial router from Rimu Technologies, China. IR615 Router is vulnerable to an encryption issue that could be exploited by attackers to intercept communications and steal sensitive information or hijack sessions...

Hitachi ABB Power Grids System Data Manager Encryption Issue Vulnerability

Hitachi ABB Power Grids System Data Manager is a system data manager from Hitachi, Japan. Hitachi ABB Power Grids System Data Manager is vulnerable to an encryption issue that stems from the fact that the application does not encrypt backup files. A local operating system user can modify the back...

Arista Networks MOS 加密问题漏洞

Arista Networks MOS is a fully programmable and highly modular Linux-based network operating system from Arista Networks, Inc. that uses the familiar industry-standard CLI and runs a single binary software image in the Arista switch family. The vulnerability stems from the fact that the product...

JetBrains Hub Encryption Issue Vulnerability

JetBrains Hub is a web-based application from JetBrains Czech Republic. The application is capable of integrating multiple JetBrains team tools together. An encryption issue vulnerability exists in versions prior to JetBrains Hub 2021.1.13262, which stems from the fact that the CSP used by the...

CVE-2020-29548

SmarterMail (SmarterTools) up to v100.0.7537 is affected. In this CVE, a meddler-in-the-middle can pipeline commands after a POP3 STLS command, injecting plaintext commands into an encrypted user session. The issue is described across multiple sources (NVD entry for CVE-2020-29548 and vendor refe...

JetBrains Hub 加密问题漏洞

JetBrains Hub is a web-based application from JetBrains Czech Republic. The application is capable of integrating multiple JetBrains team tools together. An encryption issue vulnerability exists in versions prior to JetBrains Hub 2021.1.13262, which stems from the fact that the CSP used by the...

Charm 加密问题漏洞

Charm is Charm is a framework for rapidly prototyping advanced cryptosystems. Charm version 0.43 is vulnerable to a cryptographic issue. Exploiting this vulnerability source any two users can conspire to gain the ability to decrypt YCT14 data...

Open-xchange OX Documents 加密问题漏洞

Open-xchange OX Documents is an office software suite from the American company Open-xchange. The product supports the creation and editing of text documents, spreadsheets, presentations, and more. Open-xchange OX Documents is vulnerable to an encryption issue that arises from a lack of...

Open-xchange OX Documents 加密问题漏洞

Open-xchange OX Documents is an office software suite from the American company Open-xchange. The product supports the creation and editing of text documents, spreadsheets, presentations, and more. OX Documents suffers from an encryption issue vulnerability that arises from incorrect access contr...

Telegram 加密问题漏洞

Telegram is an instant messaging mobile application. Telegram suffers from a security vulnerability that stems from a vulnerability that can be exploited by an attacker to cause the server to receive messages in a different order than the client sends them...

Eclipse TinyDTLS encryption issue vulnerability

Eclipse TinyDTLS is a library for Datagram Transport Layer Security DTLS.Eclipse TinyDTLS is vulnerable to an encryption issue that could be exploited by an attacker to compute a key to decrypt DTLS communications...

OPENSUSE-SU-2021:1998-1 Security update for tpm2.0-tools

This update for tpm2.0-tools fixes the following issues: - CVE-2021-3565: Fixed issue when no encrypted session with the TPM is used bsc1186490...

OPENSUSE-SU-2021:0919-1 Security update for libgcrypt

This update for libgcrypt fixes the following issues: - CVE-2021-33560: Fixed a side-channel against ElGamal encryption, caused by missing exponent blinding bsc1187212. This update was imported from the SUSE:SLE-15-SP1:Update update project...

Gallagher Command Centre Server Encryption Issue Vulnerability

Gallagher Command Center Server is a management system used by Gallagher New Zealand to monitor and manage infrastructure in buildings. Gallagher Command Centre Server is vulnerable to an encryption issue that originates from the discovery of an OSDP reader master key in a server memory dump of...

DoraCMS Encryption Problem Vulnerability

DoraCMS is based on Nodejs+eggjs+mongodb written a content management system . An encryption issue vulnerability exists in DoraCMS 2.1.1 and earlier versions. The vulnerability arises because the program does not use AES-CBC encryption with random salts or IVs, which makes user-encrypted password...