1648 matches found
CVE-2025-54981 Apache StreamPark: Weak Encryption Algorithm in StreamPark
Weak Encryption Algorithm in StreamPark, The use of an AES cipher in ECB mode and a weak random number generator for encrypting sensitive data, including JWT tokens, may have risked exposing sensitive authentication data This issue affects Apache StreamPark: from 2.0.0 before 2.1.7. Users are...
Apache StreamPark 安全漏洞
Apache StreamPark is the United States Apache Apache Foundation of a streaming media application development framework. Apache StreamPark suffers from a weak algorithmic vulnerability that stems from the use of weak encryption algorithms, which can be exploited by an attacker to expose sensitive...
Apache StreamPark 安全漏洞
Apache StreamPark is the United States Apache Apache Foundation of a streaming media application development framework. Apache StreamPark suffers from a security bypass vulnerability due to the use of a fixed, immutable encryption key. An attacker could exploit the vulnerability to decrypt...
Siemens SINEMA Remote Connect Server 安全漏洞
Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens Germany. The platform is primarily used to remotely access, maintain, control and diagnose the underlying network. A security vulnerability exists in Siemens SINEMA Remote Connect Server versions prior to V3...
Inadequate Encryption Strength
Overview altcha is a Privacy-first CAPTCHA widget, compliant with global regulations GDPR/HIPAA/CCPA/LGDP/DPDPA/PIPL and WCAG accessible. No tracking, self-verifying. Affected versions of this package are vulnerable to Inadequate Encryption Strength in the Proof of Work obfuscation scheme. An...
CVE-2025-41743
Insufficient encryption strength in Sprecher Automation SPRECON-E-C, SPRECON-E-P, and SPRECON-E-T3 allows a local unprivileged attacker to extract data from update images and thus obtain limited information about the architecture and internal processes...
CVE-2025-41743
The CVE-2025-41743 entry affects Sprecher Automation SPRECON-E-C, SPRECON-E-P, and SPRECON-E-T3. Root cause: insufficient encryption strength in update images. Impact: a local, unprivileged attacker can extract data from update images and obtain limited information about system architecture and i...
CVE-2025-41743 Sprecher Automation: SPRECON-E series prone to weak encryption of update files
Insufficient encryption strength in Sprecher Automation SPRECON-E-C, SPRECON-E-P, and SPRECON-E-T3 allows a local unprivileged attacker to extract data from update images and thus obtain limited information about the architecture and internal processes...
IBM Concert 加密问题漏洞
IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from a cryptographic issue vulnerability that stems from the use of weak encryption algorithms, which can ...
Siemens SIPROTEC Inadequate Encryption Strength (CVE-2024-38867)
The affected devices are supporting weak ciphers on several ports 443/tcp for web, 4443/tcp for DIGSI 5 and configurable port for syslog over TLS. This could allow an unauthorized attacker in a man-in-the-middle position to decrypt any data passed over to and from those ports. This plugin only...
ROS-20251105-06
The vulnerability of Microsoft .NET Framework, .NET software platforms, and Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Microsoft Visual Studio software development tool is related to insufficiently strong data encryption. Exploitation...
Linux Distros Unpatched Vulnerability : CVE-2025-55248
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network. CVE-2025-55248 Note...
Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in jose-4.15.9.tgz
Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in jose-4.15.9.tgz Vulnerability Details CVEID:CVE-2025-45767 DESCRIPTION: jose v6.0.10 was discovered to contain weak encryption. NOTE: this is disputed by a third party because the claim of "do not me...
Security Updates for Microsoft Visual Studio Products (October 2025)
The Microsoft Visual Studio Products are missing security updates. They are, therefore, affected by multiple vulnerabilities, including: - Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. CVE-2025-55240 - Inadequate encryption strength in .NET,...
Security Update for Microsoft .NET Core (October 2025)
The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by information disclosure vulnerability as referenced in the vendor advisory. - Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to...
Duplicate Advisory: Microsoft Security Advisory CVE-2025-55248: .NET Information Disclosure Vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-gwq6-fmvp-qp68. This link is maintained to preserve external references. Original Description Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose...
.NET, .NET Framework, and Visual Studio Information Disclosure Vulnerability
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network...
EUVD-2016-3463
Malware in sbrugna...
EUVD-2016-1293
Malware in sbrugna...
EUVD-2021-19718
Malware in sbrugna...