CVE-2024-41982

A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not have adequate encryption of sensitive information. This could allow an authenticated attacker to gain access of sensitive information...

Dell PowerScale OneFS Encryption Issue Vulnerability

Dell PowerScale OneFS is an enterprise-class distributed file storage system from Dell. A security vulnerability exists in Dell PowerScale OneFS versions prior to 9.11.0.0 that stems from the use of an insecure encryption algorithm. An attacker could exploit the vulnerability to cause information...

Dell PowerScale OneFS 加密问题漏洞

Dell PowerScale OneFS is an enterprise-class distributed file storage system from Dell. A security vulnerability exists in Dell PowerScale OneFS versions prior to 9.11.0.0 that stems from the use of an insecure encryption algorithm. An attacker could exploit the vulnerability to cause information...

IBM OpenPages with Watson 加密问题漏洞

IBM OpenPages with Watson is an AI-powered financial risk analytics solution from International Business Machines IBM. The platform is based on AI technology to predict risk factors and minimize risks in financial activities by integrating, automatically identifying, measuring, monitoring,...

CVE-2025-49824 conda-smithy Insecure Encryption Vulnerable to Oracle Padding Attack

conda-smithy is a tool for combining a conda recipe with configurations to build using freely hosted CI services into a single repository. Prior to version 3.47.1, the travisencryptbinstartoken implementation in the conda-smithy package has been identified as vulnerable to an Oracle Padding Attac...

CVE-2023-34363

An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. When using Oracle Advanced Security OAS encryption, if an error is encountered initializing the encryption object used to encrypt data, the code falls back to a different encryption mechanism that uses a...

CVE-2022-28382

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...

The vulnerability of the microprogramming software of APOGEE PXC and TALON TC lies in the insufficiently secure data encryption, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the microprogramming software of APOGEE PXC and TALON TC is related to insufficiently secure data encryption. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVE-2020-9128

FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with high permissions can exploit this vulnerability to cause information leak...

Beta80 Life 1st 安全漏洞

Beta80 Life 1st is a complete suite for managing PSAPs from Beta80. A security vulnerability exists in Beta80 Life 1st version 1.5.2.14234, which stems from the use of insecure or risky encryption algorithms, insufficient computation of password hashes, weak hashes, and unidirectional hashes with...

SunGrow iSolarCloud 安全漏洞

SunGrow iSolarCloud is an Android app for new energy power plant management from China SunGrow SunGrow. It is used for power plant data collection, monitoring, operation and maintenance and operation management. A security vulnerability exists in the SunGrow iSolarCloud Android app version...

CVE-2024-50684

SunGrow iSolarCloud Android app (V2.1.6.20241017 and earlier) uses an insecure AES key with insufficient entropy, enabling potential decryption of intercepted communications between the mobile app and iSolarCloud. The vulnerability affects client data encryption in the Android app, with the risk ...

CVE-2024-31415

The Eaton Foreseer software provides the feasibility for the user to configure external servers for multiple purposes such as network management, user management, etc. The software uses encryption to store these configurations securely on the host machine. However, the keys used for this encrypti...

Eaton Foreseer EPMS 安全漏洞

Eaton Foreseer EPMS is a highly customizable web-based software platform from Eaton Corporation. A security vulnerability exists in Eaton Foreseer EPMS prior to version 7.8.600, which arises from a key used to encrypt server configurations that is insecurely stored on the host computer and can be...

CVE-2024-23580 HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of One-Time Passwords (OTPs)

HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of One-Time Passwords OTPs. This could allow an attacker with access to the database to recover some or all encrypted values...

CVE-2024-23579 HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions

HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions. This could allow an attacker with access to the database to recover some or all encrypted values...

CVE-2024-23579 HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions

HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions. This could allow an attacker with access to the database to recover some or all encrypted values...

HCL Technologies HCL DRYiCE Optibot Reset Station 安全漏洞

HCL Technologies HCL DRYiCE Lucy is an AI-powered virtual assistant from HCL Technologies, USA. A security vulnerability exists in the HCL Technologies HCL DRYiCE Optibot Reset Station that stems from being affected by insecure encryption with a one-time password OTP...

PT-2024-19945 · Hcl · Hcl Dryice Optibot Reset Station

Name of the Vulnerable Software and Affected Versions: HCL DRYiCE Optibot Reset Station affected versions not specified Description: The issue concerns insecure encryption of security questions in the HCL DRYiCE Optibot Reset Station. This could potentially allow an attacker with access to the...

HCL Technologies HCL DRYiCE Optibot Reset Station 安全漏洞

HCL Technologies HCL DRYiCE Lucy is an AI-powered virtual assistant from HCL Technologies, USA. A security vulnerability exists in the HCL Technologies HCL DRYiCE Optibot Reset Station, which stems from being affected by insecure encryption for security issues...