CVE-2020-8761

Inadequate encryption strength in subsystem for IntelR CSME versions before 13.0.40 and 13.30.10 may allow an unauthenticated user to potentially enable information disclosure via physical access...

Code injection

A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed decryption in shorter time than intended...

CVE-2020-8173

A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed decryption in shorter time than intended...

Cryptographic Algorithm Vulnerability in ABB Industrial Robot Teachers

ABB China Ltd. is committed to providing solutions for customers in the industrial, energy, power, transportation and construction sectors. A vulnerability exists in the encryption algorithm of the ABB industrial robot demonstrator. The vulnerability can be exploited by an attacker to crack the...

CVE-2020-13785

D-Link DIR-865L Ax 1.20B01 Beta devices have Inadequate Encryption Strength...

CVE-2016-11043

An issue was discovered on Samsung mobile devices with M6.0 software. The S/MIME implementation in EAS uses DES where 3DES is intended. The Samsung ID is SVE-2016-5871 June 2016...

The vulnerabilities of the OpenUI5 and SAPUI5 software platforms stem from deficiencies in the encryption of user-input data, allowing attackers to carry out cross-site scripting attacks.

The vulnerabilities of the OpenUI5 and SAPUI5 software platforms exist due to deficiencies in the encryption of user-input data. Exploiting these vulnerabilities allows a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of the BI Workspace component of the SAP BusinessObjects Business Intelligence platform arises from deficiencies in the encryption of user-input data. This allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of the BI Workspace component of the SAP BusinessObjects Business Intelligence platform exists due to deficiencies in the encryption of data entered by users. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks XSS remotely...

CVE-2019-19411

USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 have an information leakage vulnerability. Due to improper processing of the initialization vector used in a specific encryption algorithm, an attacker who gai...

CVE-2019-18263

An issue was found in Philips Veradius Unity, Pulsera, and Endura Dual WAN Router, Veradius Unity 718132 with wireless option shipped between 2016-August 2018, Veradius Unity 718132 with ViewForum option shipped between 2016-August 2018, Pulsera 718095 and Endura 718075 with wireless option shipp...

Multiple Huawei products encryption issues vulnerabilities

The Huawei S12700, among others, is an enterprise switch product from Huawei, a Chinese company. An encryption vulnerability exists in several Huawei products. The vulnerability stems from a weak encryption algorithm used by the product by default, which can be exploited by an attacker to disclos...

The vulnerability of the CMSdecrypt and PKCS7decrypt functions (cms_env.c, cms_smime.c, and pk7_doit.c) in the OpenSSL library, related to deficiencies in the secret data encryption mechanism, allows attackers to gain unauthorized access to protected information.

The vulnerability of the CMSdecrypt and PKCS7decrypt functions cmsenv.c, cmssmime.c, and pk7doit.c in the OpenSSL library is related to deficiencies in the encryption mechanism for confidential data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized...

Security Bulletin: IBM Security Guardium Big Data Intelligence (SonarG) is affected by a Use of a Broken or Risky Cryptographic Algorithm vulnerability

Summary IBM Security Guardium Big Data Intelligence SonarG has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-4339 DESCRIPTION: IBM Security Guardium Big Data Intelligence SonarG uses weaker than expected cryptographic algorithms that could allow an attacker to decry...

Researchers Find New Hack to Read Content Of Password Protected PDF Files

Looking for ways to unlock and read the content of an encrypted PDF without knowing the password? Well, that's now possible, sort of—thanks to a novel set of attacking techniques that could allow attackers to access the entire content of a password-protected or encrypted PDF file, but under some...

Jisiwei i3 robot vacuum cleaner encryption issue vulnerability

Jisiwei i3 is a vacuuming robot from the Chinese company Jisiwei. A vulnerability with encryption issues exists in version 2.0 of the Jisiwei i3 robot vacuum cleaner APP. The vulnerability stems from a networked system or product that does not properly utilize relevant cryptographic algorithms,...

CVE-2018-15811

DNN aka DotNetNuke 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters...

IBM Security Access Manager Weak Encryption Algorithm Vulnerability

IBM Security Access Manager is a product for information security management applications from IBM, USA. The product enables access management control through integrated devices for web, mobile and cloud computing. A weak encryption algorithm vulnerability exists in IBM Security Access Manager...

IBM Security Access Manager Clickjacking Vulnerability

IBM Security Access Manager is a product for information security management applications from IBM, USA. The product enables access management control through integrated devices for web, mobile and cloud computing. A clickjacking vulnerability exists in IBM Security Access Manager versions 9.0.1....

CVE-2017-13108

DFNDR Security Antivirus, Anti-hacking & Cleaner, 5.0.9, 2017-11-01, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key...

CVE-2018-8902

An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2. The impacted products used a single shared key encryption model to encrypt data. A user with access to system databases can use the discovered key to access potentially confidential stored data, which may include...