mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromi...

mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromi...

Zoom Client < 4.6.10 Weak Encryption

The version of the Zoom Client installed on the remote host is prior to 4.6.10. It is, therefore, affected by a weak encryption vulnerability. Zoom Client for Meetings through 4.6.9 uses the ECB mode of AES for video and audio encryption. Within a meeting, all participants use a single 128-bit ke...

NCR SelfServ ATMs APTRA XFS Encryption Issue Vulnerability

NCR SelfServ ATMs is a self-service ATM machine device. A cryptographic issue vulnerability exists in NCR SelfServ ATMs APTRA XFS, which can be exploited by a remote attacker to sign arbitrary files and CAB archives used to update the BNA software, bypass the application whitelist, and execute...

mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVE-2020-10927

The CVE-2020-10927 entry concerns NETGEAR R6700 routers (variant V1.0.4.84_10.0.58). A flaw in the encryption of firmware update images stems from an inappropriate encryption algorithm, enabling network-adjacent attackers to trigger code execution with root privileges. Authentication is not requi...

Palo Alto Networks PAN-OS Encryption Issue Vulnerability

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall appliances. A cryptographic issue vulnerability exists in Palo Alto Networks PAN-OS that stems from the program's use of a weak encryption protocol, TLS version 1.0. An attacker could exploit this...

CVE-2020-7689 Insecure Encryption

Data is truncated wrong when its length is greater than 255 bytes...

CVE-2020-12036

CVE-2020-12036 affects Baxter PrismaFlex (all versions) and PrisMax (all versions prior to 3.x). The root cause is lack of data-in-transit encryption (no TLS/SSL) when these devices send treatment data to a PDMS or EMR, enabling an attacker with network access to observe sensitive data. The ICS a...

CVE-2020-13777

GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3. The earliest affected version is 3.6.4 2018-09-24 because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS...

D-Link DIR-865L Encryption Problem Vulnerability

The D-Link DIR-865L is a wireless router from AUO D-Link of Taiwan, China. A vulnerability with encryption issues exists in D-Link DIR-865L Ax version 1.20B01 Beta. A remote attacker can exploit the vulnerability to obtain sensitive information...

Teclib GLPI Encryption Problem Vulnerability

Teclib GLPI is an open source IT asset management suite from the French company Teclib. The suite includes features such as device status management, asset inventory storage, management processes and work log management. An encryption issue vulnerability exists in Teclib GLPI versions after 0.83....

Design/Logic Flaw

On BIG-IP ASM 11.6.1-11.6.5.1, under certain configurations, the BIG-IP system sends data plane traffic to back-end servers unencrypted, even when a Server SSL profile is applied...

openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey

In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted...