Design/Logic Flaw

Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface...

CVE-2006-1833

The CVE-2006-1833 issue affects the Intel RNG Driver in NetBSD 1.6–3.0, where incorrect detection of the pchb interface causes it to generate a constant random value. This predictable output could enable remote attackers to more easily crack encryption keys derived from the RNG. The available con...

Information disclosure

nCipher firmware before V10, as used by 1 nShield, 2 nForce, 3 netHSM, 4 payShield, 5 SecureDB, 6 DSE200 Document Sealing Engine, 7 Time Source Master Clock TSMC, and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote...

CVE-2006-1117

nCipher firmware before V10, as used by 1 nShield, 2 nForce, 3 netHSM, 4 payShield, 5 SecureDB, 6 DSE200 Document Sealing Engine, 7 Time Source Master Clock TSMC, and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote...

CVE-2006-1117

CVE-2006-1117 concerns nCipher firmware before v10 (used by nShield, nForce, netHSM, payShield, SecureDB, DSE200, TSMC, and possibly others). The issue arises from options meant for testing, not production, which might allow remote attackers to obtain encryption keys and crack them with less effo...

CVE-2006-1117

nCipher firmware before V10, as used by 1 nShield, 2 nForce, 3 netHSM, 4 payShield, 5 SecureDB, 6 DSE200 Document Sealing Engine, 7 Time Source Master Clock TSMC, and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote...

CVE-2005-4696

The Microsoft Wireless Zero Configuration system WZCS stores WEP keys and pair-wise Master Keys PMK of the WPA pre-shared key in plaintext in memory of the explorer process, which allows attackers with access to process memory to steal the keys and access the network...

CVE-2002-1810

D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and network configuration information...

NotifyLink contains multiple SQL injection vulnerabilities

Overview There are multiple vulnerabilities in NotifyLink that allow unauthenticated remote users to view or modify the contents of the NotifyLink SQL database. Possible modifications include the addition of unauthorized user and administrator accounts. Description Notify Technology NotifyLink...