66 matches found
Evaluating Large Language Models in Detecting Secrets in Android Apps
Mobile apps often embed authentication secrets, such as API keys, tokens, and client IDs, to integrate with cloud services. However, developers often hardcode these credentials into Android apps, exposing them to extraction through reverse engineering. Once compromised, adversaries can exploit...
EUVD-2015-3991
Malware in sbrugna...
EUVD-2016-8948
Malware in sbrugna...
EUVD-2013-6105
Malware in sbrugna...
EUVD-2013-5749
Malware in sbrugna...
CVE-2020-11723
Cellebrite UFED 5.0 through 7.29 uses four hardcoded RSA private keys to authenticate to the ADB daemon on target devices. Extracted keys can be used to place evidence onto target devices when performing a forensic extraction...
K2355: Timing attacks on RSA private keys - CAN-2003-0147
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
AZL-47713 CVE-2021-36647 affecting package hvloader for versions less than 1.0.1-6
Use of a Broken or Risky Cryptographic Algorithm in the function mbedtlsmpiexpmod in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information typically an untrusted operating system attacking a...
DEBIAN-CVE-2021-36647
Use of a Broken or Risky Cryptographic Algorithm in the function mbedtlsmpiexpmod in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information typically an untrusted operating system attacking a...
Information Exposure
Overview std/math/big is a Go standard library package std/math/big Affected versions of this package are vulnerable to Information Exposure. Go Vulnerability Report: Int.Exp Montgomery mishandled carry propagation and produced an incorrect output, which makes it easier for attackers to obtain...
Cellebrite UFED 7.29 Hardcoded ADB Authentication Keys Vulnerability
Cellebrite UFED versions 5.0 through 7.29 use four hardcoded RSA private keys to authenticate to the ADB daemon on target devices. Extracted keys can be used to place evidence onto target devices when performing a forensic extraction. Title: Cellebrite Hardcoded ADB Authentication Keys Publicatio...
CVE-2020-11723
Cellebrite UFED 5.0 through 7.29 uses four hardcoded RSA private keys to authenticate to the ADB daemon on target devices. Extracted keys can be used to place evidence onto target devices when performing a forensic extraction...
Hardcoded credentials
Cellebrite UFED 5.0 through 7.29 uses four hardcoded RSA private keys to authenticate to the ADB daemon on target devices. Extracted keys can be used to place evidence onto target devices when performing a forensic extraction...
Cellebrite UFED Trust Management Issue Vulnerability
Cellebrite UFED is a universal forensic product from Cellebrite Israel. The product is mainly used for data extraction, transmission and analysis of devices. A trust management issue vulnerability exists in Cellebrite UFED versions 5.0 through 7.29, which arises from authentication of the ADB...
Cellebrite Hardcoded ADB Authentication Keys
Vulnerability Details Affected Vendor: Cellebrite Affected Product: UFED Affected Version: 5.0 - 7.29 Platform: Embedded Windows CWE Classification: CWE-321: Use of hardcoded cryptographic keys CVE ID: CVE-2020-11723 2. Vulnerability Description Cellebrite UFED uses four hardcoded RSA private...
CVE-2013-6277
QNAP VioCard 300 has hardcoded RSA private keys...
Hardcoded credentials
QNAP VioCard 300 has hardcoded RSA private keys...
D-Link 6600-AP, DWL-3600AP and DWL-8610AP Information Disclosure Vulnerability
The D-Link 6600-AP, among others, is a wireless access point device from AUO D-Link of Taiwan, China. A security vulnerability exists in the D-Link 6600-AP, DWL-3600AP, and DWL-8610AP. An attacker could exploit the vulnerability to extract certificates and RSA private keys...
USN-3733-1: GnuPG vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Description Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom discovered that GnuPG is...
USN-3733-2: GnuPG vulnerability
USN-3733-1 fixed a vulnerability in GnuPG. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom discovered...