CVE-2019-15126

An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors related to state transitions in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a...

ZTE ZXCLOUD GoldenData VAP Encryption Issue Vulnerability

ZTE ZXCLOUD GoldenData VAP is a set of big data solutions from ZTE Corporation ZTE, China. A vulnerability exists in ZTE ZXCLOUD GoldenData VAP versions prior to 4.01.01.02 due to an encryption issue. The vulnerability stems from the network system or product not properly using the relevant...

Intesync Solismed Encryption Issue Vulnerability

Intesync Solismed is a clinic management system from Intesync USA. An encryption issue vulnerability exists in Intesync Solismed version 3.3sp1. The vulnerability stems from a web-based system or product that does not properly use relevant cryptographic algorithms, resulting in content that is no...

HashiCorp Terraform Encryption Issues Vulnerabilities

HashiCorp Terraform is an open source tool for provisioning and managing cloud infrastructure from HashiCorp, USA. An encryption issue vulnerability exists in HashiCorp Terraform versions prior to 0.12.17 that stems from the program's use of HTTP to transfer sensitive information, which can be...

SUSE-SU-2019:2397-1 Security update for openssl

This update for openssl fixes the following issues: - OpenSSL Security Advisory 10 September 2019 CVE-2019-1547: Added ECGROUPsetgenerator side channel attack avoidance. bsc1150003 CVE-2019-1563: Fixed a Bleichenbacher attack against cms/pkcs7 encryption transported key bsc1150250...

Magento encryption issue vulnerability (CNVD-2019-40840)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions . An encryption issue vulnerability exists in Magento version 2.1 before 2.1.18, version 2.2 before 2.2.9, and...

Magento encryption issue vulnerability (CNVD-2019-40841)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. An encryption issue vulnerability exists in Magento version 2.1 before 2.1.18, version 2.2 before 2.2.9, and...

Magento encryption issue vulnerability (CNVD-2019-40735)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. Magento is vulnerable to encryption issues. No detailed vulnerability details are available at this time...

Magento encryption issue vulnerability (CNVD-2019-40837)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions . An encryption issue vulnerability exists in Magento Open Source versions prior to 1.9.4.2 and Magento Commerce...

Magento Encryption Issues Vulnerabilities

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. An encryption issue vulnerability exists in Magento Open Source versions prior to 1.9.4.2 and Magento Commerce...

IBM InfoSphere Information Server on Cloud and IBM Watson Knowledge Catalog Encryption Issue Vulnerability

IBM InfoSphere Information Server on Cloud and IBM Watson Knowledge Catalog are both products of IBM Corporation, U.S.A. IBM InfoSphere Information Server on Cloud is a set of cloud-based data integration platform.IBM Watson Knowledge Catalog is a unified data catalog system. Watson Knowledge...

PT-2019-10249 · Pulse · Pulse Connect Secure +1

Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure PCS versions 8.3RX through 8.3R1 Pulse Policy Secure PPS versions 5.4RX through 5.4R1 Description: The issue concerns the lack of proper encryption for session data between cluster nodes during cluster synchronization...

Schneider Electric IIoT Monitor Encryption Issue Vulnerability

Schneider Electric IIoT Monitor is an industrial IoT monitor from Schneider Electric France. Schneider Electric IIoT Monitor is vulnerable to an encryption issue that stems from the program's use of hard-coded keys. An attacker could exploit the vulnerability to decrypt the administrator password...

SUSE-SU-2019:0111-1 Security update for krb5

This update for krb5 fixes the following issues: Security issue fixed: - CVE-2018-20217: Fixed an assertion issue with older encryption types bsc1120489...

CVE-2018-19065

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded BpP+2R9Q password in some case...

Denial of Service Vulnerability in Multiple F5 Products (CNVD-2018-09408)

F5 BIG-IP LTM, etc. are products of F5 Corporation, U.S.A. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. A security vulnerability exists in a number of F5 products that stems from vCMP VMs running on the VIPRION 2100, 4200, and 4300 series not proper...

Philips Intellispace Portal Encryption Issue Vulnerability

The Philips IntelliSpace Portal ISP is a cardiovascular image information management portal system from Philips in the Netherlands. The system provides viewing of echo images and provides a single point of access for physicians. An encryption issue vulnerability exists in Philips ISP. An attacker...

CVE-2017-17436

An issue was discovered in the software on Vaultek Gun Safe VT20i products. There is no encryption of the session between the Android application and the safe. The website and marketing materials advertise that this communication channel is encrypted with "Highest Level Bluetooth Encryption" and...

Apple Mac OS X Security Updates (HT208331, HT208394)-01

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-9632

A Missing Encryption of Sensitive Data issue was discovered in PDQ Manufacturing LaserWash G5 and G5 S Series all versions, LaserWash M5, all versions, LaserWash 360 and 360 Plus, all versions, LaserWash AutoXpress and AutoExpress Plus, all versions, LaserJet, all versions, ProTouch Tandem, all...