Moderate severity vulnerability that affects OPCFoundation.NetStandard.Opc.Ua

Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords...

GHSA-8336-MXP6-V5H9 Moderate severity vulnerability that affects OPCFoundation.NetStandard.Opc.Ua

Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords...

CVE-2018-15593

An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can decrypt the encrypted datastore or relay server password by leveraging an unspecified attack vector...

CVE-2018-12087

Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords...

Authorization

Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords...

CVE-2018-12087

Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords...

CVE-2018-12087

OPC Foundation UA Client Applications are affected by CVE-2018-12087 due to failure to validate certificates in communications without security. This allows an attacker who controls a segment of the network infrastructure to decrypt passwords, indicating a confidentiality impact. The vulnerabilit...

Code injection

Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all versions prior to 1.502.0047.00, The passwords for special sudo accounts may be calculated using information accessible to those with regular user privileges. Attackers could decipher these passwords, which may allow them to execut...

Security Bulletin: IBM Capacity Management Analytics affected by vulnerability password easy to decrypt in shell files (CVE-2015-7432)

Summary It is very easy to decrypt user and admin password from the setenv.sh and parameter.txt file Vulnerability Details CVEID: CVE-2015-7432 DESCRIPTION: IBM Capacity Management Analytics could allow a local user with special privileges to decrypt other CMA user's usernames and passwords. CVSS...

Memory corruption

IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli Remote Control 5.1.2 store multiple hashes of partial passwords, which makes it easier for remote attackers to decrypt passwords by leveraging access to the hashes. IBM X-Force ID: 88309...

CVE-2013-5461

IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli Remote Control 5.1.2 store multiple hashes of partial passwords, which makes it easier for remote attackers to decrypt passwords by leveraging access to the hashes. IBM X-Force ID: 88309...

CVE-2013-5461

The CVE affects IBM Endpoint Manager for Remote Control (9.0.0/9.0.1) and Tivoli Remote Control (5.1.2). It describes insecure storage of password material: multiple hashes of partial passwords can be leveraged by an attacker with hash access to decrypt passwords. This is a confidentiality and po...

CVE-2017-1339

IBM Spectrum Protect 7.1 and 8.1 formerly Tivoli Storage Manager Server uses weak encryption for the password. A database administrator may be able to decrypt the IBM Spectrum protect client or administrator password which can result in information disclosure or a denial of service. IBM X-Force I...

The vulnerability of the “ACTConfig” configuration file of the ABB PCM600 energy management and configuration tool allows a hacker to crack the password and gain access to the main application.

The vulnerability of the “ACTConfig” configuration file of the ABB PCM600 energy management and configuration tool is related to insufficient calculation of the password hash using a unreliable function with a hard-coded key and initialization vector. Exploiting this vulnerability allows an...

Legal Robot: Weak Cryptography for Passwords

Hi Team, I saw while creating new account.Password is being encrypted that's good best practice. But Issue is: 1. It is showing in the request What type of encryptionAlgorithm is used in request. 2. I copied the encrypted password and past it online tool http://md5decrypt.net/en/Sha256/ and i was...

CVE-2017-9856

An issue was discovered in SMA Solar Technology products. Sniffed passwords from SMAdata2+ communication can be decrypted very easily. The passwords are "encrypted" using a very simple encryption algorithm. This enables an attacker to find the plaintext passwords and authenticate to the device...

CVE-2017-9856

The connected PT-2017-19222 entry confirms concrete technical details: SMA Solar Technology inverters (Sunny Boy TLST-21/TL-21 and Sunny Tripower TL-10/TL-30) use a simple encryption algorithm for SMAdata2+ passwords, allowing an attacker to decrypt passwords to plaintext and authenticate to the ...

CVE-2017-9856

An issue was discovered in SMA Solar Technology products. Sniffed passwords from SMAdata2+ communication can be decrypted very easily. The passwords are "encrypted" using a very simple encryption algorithm. This enables an attacker to find the plaintext passwords and authenticate to the device...

CVE-2017-9856

An issue was discovered in SMA Solar Technology products. Sniffed passwords from SMAdata2+ communication can be decrypted very easily. The passwords are "encrypted" using a very simple encryption algorithm. This enables an attacker to find the plaintext passwords and authenticate to the device...

CVE-2016-6606

An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...