Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.

Summary Multiple vulnerabilities were addressed in IBM Concert Software version 2.0.0 Vulnerability Details CVEID:CVE-2025-33102 DESCRIPTION: IBM Concert Software uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CWE:CWE-327:...

CVE-2023-28386

Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware updates correctly. The device only calculates the MD5 hash of the firmware and does not check using a private-public key mechanism. The lack of complete PKI system firmware signature could allow attackers to upload arbitrar...

CVE-2021-32519

Use of password hash with insufficient computational effort vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote attackers to recover the plain-text password by brute-forcing the MD5 hash. The referred vulnerability has been solved with the updated version of QSAN Storage Manager...

USN-4858-1 gradle vulnerabilities

It was discovered that Gradle used an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins were used. A remote unauthenticated attacker could possibly use this issue to perform a machine-in-the-middle attack. CVE-2019-11065 It was discovered that...

Pirelli Router P.DG-A4001N WPA Key Reverse Engineering Rev 2

!/usr/bin/env python -- coding: utf-8 -- ''' @license: GPLv3 @author : Eduardo Novella @contact: ednoloainf.upv.es @twitter: @enovella ----------------- Target : ----------------- Vendor : ADB broadband Pirelli Router : Model P.DG-A4001N ISP : Arnet Telecom Argentina, MEO Portugal Possible-target...

Pirelli Router P.DG-A4001N WPA Key Reverse Engineering

!/usr/bin/env python -- coding: utf-8 -- ''' @license: GPLv3 @author : Eduardo Novella @contact: ednoloainf.upv.es @twitter: @enovella ----------------- Target : ----------------- Vendor : ADB broadband Pirelli Router : Model P.DG-A4001N ISP : Arnet Telecom Argentina Possible-targets :...

CVE-2012-3886

AirDroid 1.0.4 beta uses the MD5 algorithm for values in the checklogin key parameter and 7bb cookie, which makes it easier for remote attackers to obtain cleartext data by sniffing the local wireless network and then conducting a 1 brute-force attack or 2 rainbow-table attack...

MD2 algorithm used by security certificates is considered weak

Digital signatures made with the MD2 algorithm are used in some of the issuer certificates that Opera trusts. MD2 is now considered weak...

Debian Security Advisory DSA 1000-2 (libapreq2-perl)

The remote host is missing an update to libapreq2-perl announced via advisory DSA 1000-2. Gunnar Wolf noticed that the correction for the following problem was not complete and requires an update. For completeness we're providing the original problem description: An algorithm weakness has been...

Debian Security Advisory DSA 1000-1 (libapreq2-perl)

The remote host is missing an update to libapreq2-perl announced via advisory DSA 1000-1. An algorithm weakness has been discovered in Apache2::Request, the generic request library for Apache2 which can be exploited remotely and cause a denial of service via CPU consumption. The old stable...

FreeBSD-SA-01:39.tcp-isn

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:39 Security Advisory FreeBSD, Inc. Topic: TCP initial sequence number generation contains statistical vulnerability Category: core Module: kernel Announced: 2001-05-02...