AMD CPUs 加密问题漏洞

AMD CPUs are a family of CPUs from AMD in the United States. A security vulnerability exists in AMD CPUs. An attacker could exploit this vulnerability to infer the data values used by the SEV guest on an AMD CPU by monitoring the ciphertext values...

IBM Cloud Pak System 加密问题漏洞

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. The product supports cross-hybrid cloud deployment, management, and mobile application environments. IBM Cloud Pak System has an encryption issue vulnerability that stems from t...

HCL BigFix Platform 加密问题漏洞

HCL Technologies HCL BigFix Platform is a suite of endpoint security management platform from HCL Technologies, India. The platform supports automated discovery, management and remediation of endpoint security issues. A security vulnerability exists in HCL Technologies HCL BigFix Platform. An...

IBM Spectrum Scale 加密问题漏洞

IBM Spectrum Scale is a scalable data and file management solution from IBM based on IBM GPFS an enterprise file management system optimized for petabyte-scale storage management. The product supports helping customers reduce storage costs while improving security and management efficiency in...

Google Android 加密问题漏洞

Google Android is a Linux-based open-source operating system from the U.S. company Google Android has an encryption vulnerability that can be exploited by attackers to cause local information leakage without additional execution privileges...

CVE-2022-1279

A vulnerability in the encryption implementation of EBICS messages in the open source librairy ebics-java/ebics-java-client allows an attacker sniffing network traffic to decrypt EBICS payloads. This issue affects: ebics-java/ebics-java-client versions prior to 1.2...

PT-2022-13769 · Unknown · Ebics-Java/Ebics-Java-Client

Name of the Vulnerable Software and Affected Versions: ebics-java/ebics-java-client versions prior to 1.2 Description: A vulnerability in the encryption implementation of EBICS messages in the open source library ebics-java/ebics-java-client allows an attacker sniffing network traffic to decrypt...

MGASA-2022-0138 Updated ceph packages fix security vulnerability

Updated ceph packages fix security vulnerabilities: the key length for encrypted devices created using ceph-volume is incorrect. This is due to a bug in cephvolume/util/encryption.py which is fixed by this new version. CVE-2021-3979...

Dell Technologies Dell PowerScale OneFS 加密问题漏洞

Dell PowerScale OneFS is a PowerScale OneFS operating system that provides a horizontally scalable NAS. Dell PowerScale OneFS has a security vulnerability that could be exploited by an attacker to cause an information breach...

WordPress plugin Download Manager 安全特征问题漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the erection of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Download Manager plugin version 3.2.39...

Dell Technologies Dell PowerScale OneFS 加密问题漏洞

Dell PowerScale OneFS is the PowerScale OneFS operating system that provides horizontal scaling NAS. A security vulnerability exists in Dell PowerScale OneFS, which can be exploited by a remote unprivileged malicious attacker to cause full access to the system...

Fortinet FortiWan 加密问题漏洞

Fortinet FortiWan is a network appliance from Fortinet, Inc. Fortinet FortiWAN versions prior to 4.5.9 are vulnerable to an encryption issue that stems from the program using a corrupted or risky encryption algorithm. An attacker could exploit this vulnerability to decrypt and forge protocol...

HTCondor 加密问题漏洞

HTCondor is a workload management system at the University of Wisconsin-Madison USA. The system provides job queuing mechanisms, scheduling policies, prioritization schemes, resource monitoring and resource management. A security vulnerability exists in HTCondor where an attacker who can capture...

CVE-2021-32945 MDT AutoSave Inadequate Encryption Strength

An attacker could decipher the encryption and gain access to MDT AutoSave versions prior to v6.02.06...

Mitsubishi Electric MELSEC iQ-F series 加密问题漏洞

Mitsubishi Electric Automation China Co., Ltd. is a wholly-owned enterprise in China invested by Mitsubishi Electric Corporation. It mainly produces mechanical appliances for power distribution including low-voltage circuit breakers, electromagnetic openers and closers, electrical processing...

GE General Electric Renewable Energy MDS Radios 加密问题漏洞

GE General Electric Renewable Energy MDS Radios are a family of industrial wireless solutions from General Electric GE. GE General Electric Renewable Energy's MDS iNET/iNET II/SD/TD220/TD220MAX Radios are vulnerable to an encryption issue that stems from weaknesses in the wireless security softwa...

Vulnerability of the Server component: Security: Encryption of the MySQL Server database management system, which allows attackers to cause partial service interruptions.

The vulnerability of the MySQL Server component’s Security: Encryption module is related to errors in resource release. Exploiting this vulnerability can allow an attacker to cause a partial service outage...

HCL BigFix Compliance 加密问题漏洞

HCL BigFix Compliance is HCL India's continuous monitoring and application of endpoint security settings to ensure compliance with regulatory or organizational security policies. A cryptographic issue vulnerability exists in HCL BigFix Compliance versions prior to version 2.0.5 that stems from th...

Researchers Demonstrate New Side-Channel Attack on Homomorphic Encryption

A group of academics from the North Carolina State University and Dokuz Eylul University have demonstrated what they say is the "first side-channel attack" on homomorphic encryption that could be exploited to leak data as the encryption process is underway. "Basically, by monitoring power...

OESA-2022-1532 cryptsetup security update

cryptsetup is a utility used to conveniently set up disk encryption based on the DMCrypt kernel module. Security Fixes: It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the...