818 matches found
IBM Aspera Faspex Encryption Problem Vulnerability
IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. IBM Aspera Faspex has an encryption issue vulnerability that can be exploited by an attacker to obtain sensitive information...
IBM Aspera 加密问题漏洞
IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. IBM Aspera Faspex has an encryption issue vulnerability that can be exploited by an attacker to obtain sensitive information...
Google Pixel Security Breach
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from an improper use of encryption in the TBD module, which could lead to authentication bypass...
Dell PowerScale OneFS Information Disclosure Vulnerability (CNVD-2024-16220)
Dell PowerScale OneFS is an operating system from Dell USA. PowerScale OneFS operating system that provides horizontal scaling of NAS. An information disclosure vulnerability exists in Dell PowerScale OneFS that arises from the inclusion of the use of corrupt or risky encryption algorithms. An...
mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2023)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
Code injection
Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext...
mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2023)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
Timing Attack
Cryptography is vulnerable to a Timing Attack. This vulnerability is due to the predictable structure of padding in ciphertexts during RSA encryption. This flaw enables an attacker to distinguish between different types of padding errors, potentially leading to the decryption of captured messages...
PT-2024-40543 · Amazon · Awskms
Name of the Vulnerable Software and Affected Versions: awskms and aesgcm providers affected versions not specified Description: The issue concerns the risk of an IV collision when using the awskms or aesgcm provider for encryption, particularly in scenarios like database column encryption where...
Security Bulletin: TLS padding vulnerability affects Content Manager Enterprise Edition (CVE-2014-8730)
Summary Transport Layer Security TLS padding vulnerability via a POODLE Padding Oracle On Downgraded Legacy Encryption like attack affects Content Manager Enterprise Edition. Vulnerability Details CVE-ID : CVE-2014-8730 DESCRIPTION : Product could allow a remote attacker to obtain sensitive...
Design/Logic Flaw
An issue was discovered in savignano S/Notify before 4.0.2 for Confluence. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visitin...
CVE-2023-50930
An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a...
CVE-2023-50350
HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption, potentially giving an attacker ability to decrypt sensitive information...
MOXA ioLogik E1200 Series 加密问题漏洞
MOXA ioLogik E1200 Series is a series of general-purpose controllers and I/O devices from MOXA, China. The MOXA ioLogik E1200 Series suffers from an encryption issue vulnerability that can be exploited by attackers to obtain sensitive information...
CVE-2023-48034
An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption...
PYSEC-2023-302
An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding...
CVE-2023-48055
SuperAGI v0.0.13 was discovered to use a hardcoded key for encryption operations. This vulnerability can lead to the disclosure of information and communications...
CVE-2023-48056
PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...
Hardcoded credentials
SuperAGI v0.0.13 was discovered to use a hardcoded key for encryption operations. This vulnerability can lead to the disclosure of information and communications...
Weak Encryption Vulnerability in Multiple Siemens Products
The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers.The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers PLCs or Human Machine Interfaces HMIs, that comply with the IEEE 802.11...