CVE-2024-41777

IBM Cognos Controller 11.0.0 and 11.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...

CVE-2024-39888

A vulnerability has been identified in Mendix Encryption All versions = V10.0.0 V10.0.2. Affected versions of the module define a specific hard-coded default value for the EncryptionKey constant, which is used in projects where no individual EncryptionKey was specified. This could allow to an...

PT-2026-2248

Name of the Vulnerable Software and Affected Versions RustCrypto versions 0.14.0-pre.0 through 0.14.0-rc.0 Description The Elliptic Curves library within RustCrypto, a general-purpose Elliptic Curve Cryptography ECC implementation, contains a flaw in its SM2 Public Key Encryption PKE...

PT-2026-1813

Name of the Vulnerable Software and Affected Versions Apache NimBLE versions through 1.8.0 Description A configuration issue exists where data transmission occurs without encryption. Specifically, improper handling of the Pause Encryption procedure on the Link Layer can result in a previously...

Lego’s Smart Bricks explained: what they do, and what they don’t

Lego just made what it claims is its most important product release since it introduced minifigures in 1978. No, it's not yet another brand franchise. It's a computer in a brick. Called the Smart Brick , it's part of a broader system called Smart Play that Lego hopes will revolutionize your child...

openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

A flaw was found in the OpenSSL CMS implementation RFC 3211 KEK Unwrap. This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption PWRI...

Vulnerabilities fixed in Hanwha camera systems

Hanwha has fixed vulnerabilities in several camera systems, including issues with XML validation, certificate validation, permissions management for guest accounts, video analytics and hard-coded encryption key. The vulnerabilities include an issue with the validation of incoming XML requests,...

CVE-2025-47345

Cryptographic issue may occur while encrypting license data...

[SECURITY] Fedora 43 Update: python-pdfminer-20251230-1.fc43

Pdfminer.six is a community maintained fork of the original PDFMiner. It is a tool for extracting information from PDF documents. It focuses on getting and analyzing text data. Pdfminer.six extracts the text from a page directly from the sourcecode of the PDF. It can also be used to get the exact...

CVE-1999-0007

Information from SSL-encrypted sessions via PKCS 1...

CVE-1999-0476

A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user...

CVE-1999-0352

ControlIT 4.5 and earlier aka Remotely Possible has weak password encryption...

CVE-1999-0356

ControlIT v4.5 and earlier uses weak encryption to store usernames and passwords in an address book...

CVE-2019-16208

Password-based encryption PBE algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an attacker to decrypt passwords used with several services Radius, TACAS, etc...

CVE-2019-16649

On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices. Attackers can use captured credentials to connect virtual USB devices to...

CVE-2006-3411

TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than the connection, which makes it easier for remote attackers to conduct brute force attacks on the encryption keys...

CVE-2019-7593

Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a shared RSA key pair for certain encryption operations involving the Site Management Portal SMP...

CVE-2019-7594

Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a hardcoded RC2 key for certain encryption operations involving the Site Management Portal SMP...

CVE-2025-1053

Under certain error conditions at time of SANnav installation or upgrade, the encryption key can be written into and obtained from a Brocade SANnav supportsave. An attacker with privileged access to the Brocade SANnav database could use the encryption key to obtain passwords used by Brocade SANna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000341)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000341 advisory. A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic...