48 matches found
CVE-2022-29249 Reversible One-Way Hash and Use of a Broken or Risky Cryptographic Algorithm in io.github.javaezlib.JavaEZ
JavaEZ is a library that adds new functions to make Java easier. A weakness in JavaEZ 1.6 allows force decryption of locked text by unauthorized actors. The issue is NOT critical for non-secure applications, however may be critical in a situation where the highest levels of security are required...
SUSE-SU-2021:4003-1 Security update for bcm43xx-firmware
This update for bcm43xx-firmware fixes the following issues: - CVE-2019-15126: Fixed a bug which could have allowed unauthorized decryption of some WPA2-encrypted traffic bsc1167162...
CVE-2020-11005
The WindowsHello open source library NuGet HaemmerElectronics.SeppPenner.WindowsHello, before version 1.0.4, has a vulnerability where encrypted data could potentially be decrypted without needing authentication. If the library is used to encrypt text and write the output to a txt file, another...
CVE-2019-6690
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...
CVE-2019-6690
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...
CVE-2019-6690
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting...
CVE-2018-1466
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1 use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive...
CVE-2005-3256
The key selection dialogue in Enigmail before 0.92.1 can incorrectly select a key with a user ID that does not have additional information, which allows parties with that key to decrypt the message...