CVE-2015-8085

Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC5...

CVE-2016-2379

The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to 1 decrypt hashed passwords by leveraging knowledge of client registration codes or 2 gain login access by eavesdropping on login messages and re-using the hashed passwords...

The vulnerability of the Windows operating system, which allows a malicious individual to increase their privileges

A vulnerability that allows for increased privileges exists in Active Directory and is related to the distribution of passwords created based on group policy settings. Successful exploitation of this vulnerability enables an attacker who has been authenticated to decrypt passwords and use them to...

Wireless Network Security Auditing Bash Script: airgeddon

airgeddon is a living project growing day by day. This is the list of features so far: Interface mode switcher Monitor-Managed keeping selection even on interface name changing DoS over wireless networks using different methods. “DoS Pursuit mode” available to avoid AP channel hopping available...

CVE-2015-8329

SAP Manufacturing Integration and Intelligence aka MII, formerly xMII uses weak encryption Base64 and DES, which allows attackers to conduct downgrade attacks and decrypt passwords via unspecified vectors, aka SAP Security Note 2240274...

Information disclosure

SAP Manufacturing Integration and Intelligence aka MII, formerly xMII uses weak encryption Base64 and DES, which allows attackers to conduct downgrade attacks and decrypt passwords via unspecified vectors, aka SAP Security Note 2240274...

CVE-2015-8329

SAP Manufacturing Integration and Intelligence (MII) is affected by an encryption downgrade vulnerability due to the use of Base64 and DES. The issue allows downgrade attacks and potential password decryption. Reported impact references are tied to SAP MII versions 12.2, 14.0 and 15.0 (and possib...

Design/Logic Flaw

The RSM aka RSMWinService service in SolarWinds N-Able N-Central before 9.5.1.4514 uses the same password decryption key across different customers' installations, which makes it easier for remote authenticated users to obtain the cleartext domain-administrator password by locating the encrypted...

CVE-2015-5610

The RSM aka RSMWinService service in SolarWinds N-Able N-Central before 9.5.1.4514 uses the same password decryption key across different customers' installations, which makes it easier for remote authenticated users to obtain the cleartext domain-administrator password by locating the encrypted...

CVE-2015-5610

SolarWinds N-Able N-Central (RSMWinService) is affected by CVE-2015-5610. The RSM service before version 9.5.1.4514 uses the same password decryption key across different customer installations, enabling remote authenticated users to obtain the plaintext domain-administrator password by locating ...

CVE-2015-5610

The RSM aka RSMWinService service in SolarWinds N-Able N-Central before 9.5.1.4514 uses the same password decryption key across different customers' installations, which makes it easier for remote authenticated users to obtain the cleartext domain-administrator password by locating the encrypted...

Rockwell Automation RSView32 Information Disclosure Vulnerability

RSView32 is an HMI system for monitoring and controlling automated machines and processes. A security vulnerability in the encryption method used by RSView32 to create password storage files can lead to unauthorized decryption by software users using an old algorithm, which will disclose the user...

qibo通杀csrf+存储xss+分析明文账号密码进后台+成功getshell

简要描述： csrf+xss+成功getshell以整站系统为例 详细说明： 后台无csrf防御，首先，看下全局过滤。全局过滤目录结构admin/index.php-admin/global.php-inc/common.inc.php这里是重点 None cookie=VGxWUVoIVz5QVwAGBlVQXFYABQRVUQJTAlVdWwMCA1RRBA8FBgdaBA==638eb521ba mymd5 'VGxWUVoIVz5QVwAGBlVQXFYABQRVUQJTAlVdWwMCA1RRBA8FBgdaBA==638eb521ba','127.0.0.1' 得：...

IPSwitch IMail Server <= 8.1 - Local Password Decryption Utility

No description provided by source. / IpSwitch IMail Server = ver 8.1 User Password Decryption by Adik netmaniac hotmail KG IpSwitch IMail Server uses weak encryption algorithm to encrypt its user passwords. It uses polyalphabetic Vegenere cipher to encrypt its user passwords. This encryption sche...

Ultimate PHP Board 1.8/1.9 Weak Password Encryption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13975/info Ultimate PHP Board is prone to a weak password encryption vulnerability. This issue is due to a failure of the application to protect passwords with a sufficiently effective encryption scheme. This issue may...

VulnCheck KEV: CVE-2014-1812

Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An authenticated attacker who successfully exploits the vulnerability could decrypt the passwords and use them to elevate...

mRemote Offline Password Decrypt

mRemote Offline Password Decrypt Based on Metasploit Module enummremotepwds.rb from David Maloney Autor: Adriano Marcio Monteiro E-mail: [email protected] Blog: adrianomarciomonteiro.blogspot.com.br Usage: ruby mRemoteOffPwdsDecrypt.rb confCons.xml require 'rexml/document' require...

[VNC Password Recovery v2.0] All-in-one VNC Password Decoder Tool

VNC Password Recovery is the FREE software to instantly recover VNC password stored by popular VNC Servers. It automatically detects the encrypted VNC password stored in the file system or registry by various VNC server applications. Then it quickly decrypts it and display the original VNC...

Multi Gather Firefox Signon Credential Collection

This module will collect credentials from the Firefox web browser if it is installed on the targeted machine. Additionally, cookies are downloaded. Which could potentially yield valid web sessions. Firefox stores passwords within the signons.sqlite database file. There is also a keys3.db file whi...

Google AD Sync Tool - Exposure of Sensitive Information Vulnerability - Security Advisory - SOS-13-001

Sense of Security - Security Advisory - SOS-13-001 Release Date. 03-Apr-2013 Last Update. - Vendor Notification Date. 03-Sep-2012 Product. Google Active Directory Sync GADS Tool Platform. Windows, Linux, Solaris Affected versions. All versions up to 3.1.3 Severity Rating. High Impact. Exposure of...