CVE-2022-2641
Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device. This could allow an attacker to perform unauthorized changes to the device, remotely execute arbitrary code, or cause a denial-of-service condition...
Race condition
Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device. This could allow an attacker to perform unauthorized changes to the device, remotely execute arbitrary code, or cause a denial-of-service condition...
Horner Automation Remote Compact Controller Security Vulnerability
The Horner Automation Remote Compact Controller (RCC) is a compact controller from Horner Automation, USA. A security vulnerability exists in Horner Automation Remote Compact Controller 972 firmware version 15.40, which originates from the presence of a static encryption key on th...
PT-2022-17828 · Horner Automation · Rcc 972
Name of the Vulnerable Software and Affected Versions: Horner Automation’s RCC 972 version 15.40 Description: The issue is related to a static encryption key on the device, which could allow an attacker to perform unauthorized changes, remotely execute arbitrary code, or cause a denial-of-service...
CVE-2022-41568
LINE client for iOS before 12.17.0 might be crashed by sharing an invalid shared key of e2ee in group chat...
Dell PowerPath Management Appliance Trust Management Issue Vulnerability
Dell PowerPath Management Appliance is a PowerPath host management application from Dell USA that offers two models: a virtual machine-based appliance and a Docker containerized appliance. A security vulnerability exists in the Dell PowerPath Management Appliance version 3.3, all versions 3.2,...
CVE-2022-31008
A flaw was found in RabbitMQ. The shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. In certain exceptions related to Shovel and Federation plugins, reasonably easily deobfuscatable dat...
PT-2022-24046 · Patterson Dental · Patterson Dental Eaglesoft
Name of the Vulnerable Software and Affected Versions: Patterson Dental Eaglesoft version 21 Description: The issue concerns the encryption mechanism in Patterson Dental Eaglesoft. Although it uses AES-256 encryption, there are two methods to obtain the keyfile, which are through keybackup.data...
CVE-2022-37710
Patterson Dental Eaglesoft 21 uses AES-256, but the keyfile and salt are hardcoded into a DLL/EXE. Two access paths to the keyfile exist: keybackup.data > License > Encryption Key and Eaglesoft.Server.Configuration.data > DbEncryptKeyPrimary > Encryption Key, enabling local attackers ...
CVE-2021-27784
The provided HCL Launch Container images contain non-unique HTTPS certificates and a database encryption key. The fix provides directions and tools to replace the non-unique keys and certificates. This does not affect the standard installer packages...
CVE-2021-27784 HCL Launch container images may contain non-unique https certificates and database encryption key
The provided HCL Launch Container images contain non-unique HTTPS certificates and a database encryption key. The fix provides directions and tools to replace the non-unique keys and certificates. This does not affect the standard installer packages...
CVE-2021-27784
CVE-2021-27784 affects HCL Launch Container images, where non-unique HTTPS certificates and a database encryption key are included. The documented vulnerability is limited to the container images and does not affect standard installer packages. The available remediation is a fix that provides dir...
PT-2022-9869 · Hcl · Hcl Launch Container
Name of the Vulnerable Software and Affected Versions: HCL Launch Container images affected versions not specified Description: The issue concerns non-unique HTTPS certificates and a database encryption key in the provided HCL Launch Container images. A fix is available, which includes directions...
GoCD Security Vulnerability
GoCD is a continuous delivery server. A security vulnerability exists in GoCD versions prior to 21.1.0 that stems from the fact that GoCD discloses the symmetric key used to encrypt/decrypt any security variables/secrets in the GoCD configuration to an authenticated agent, a malicious/compromised...
Code injection
RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...
CVE-2022-31008
RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...
CVE-2022-31008 Predictable credential obfuscation seed value used in rabbitmq-server
RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...
RabbitMQ Security Features Issue Vulnerability
RabbitMQ is a feature-rich multi-protocol messaging and streaming agent open-sourced by RabbitMQ. RabbitMQ has a security vulnerability that stems from its shovel and federation plugins performing URI obfuscation in its worker link state. The encryption key used to encrypt the URI carries...