CVE-2024-23589

Due to outdated Hash algorithm, HCL Glovius Cloud could allow attackers to guess the input data using brute-force or dictionary attacks efficiently using modern hardware such as GPUs or ASICs...

CVE-2024-23589

CVE-2024-23589 concerns HCL Glovius Cloud. The root cause is an outdated hashing algorithm that could allow attackers to guess input data via brute-force or dictionary attacks using GPUs/ASICs. Documented impact per CVSS metrics is high for confidentiality, integrity, and availability, with adjac...

CVE-2024-23589 HCL Glovius Cloud is susceptible to an Outdated Hash Algorithm vulnerability

Due to outdated Hash algorithm, HCL Glovius Cloud could allow attackers to guess the input data using brute-force or dictionary attacks efficiently using modern hardware such as GPUs or ASICs...

CVE-2024-23589 HCL Glovius Cloud is susceptible to an Outdated Hash Algorithm vulnerability

Due to outdated Hash algorithm, HCL Glovius Cloud could allow attackers to guess the input data using brute-force or dictionary attacks efficiently using modern hardware such as GPUs or ASICs...

liboqs 加密问题漏洞

liboqs is an Open Quantum Safe open source C library for quantum-safe cryptographic algorithms. A cryptographic issue vulnerability exists in versions of liboqs prior to 0.13.0, which stems from a design flaw in the HQC algorithm that could result in a large number of malformed ciphertexts sharin...

PT-2025-23341 · Liboqs · Liboqs

Name of the Vulnerable Software and Affected Versions: liboqs versions prior to 0.13.0 Description: The issue is related to a theoretical design flaw in the HQC algorithm, which is implemented in liboqs. This flaw can lead to large numbers of malformed ciphertexts sharing the same implicit...

PT-2025-23314 · Hcl · Hcl Glovius Cloud

Name of the Vulnerable Software and Affected Versions: HCL Glovius Cloud affected versions not specified Description: The issue is related to an outdated Hash algorithm used in HCL Glovius Cloud, which could allow attackers to efficiently guess input data using brute-force or dictionary attacks,...

Joint Data Hiding and Partial Encryption of Compressive Sensed Streams

The paper proposes a method to secure the Compressive Sensing CS streams. It consists in protecting part of the measurements by a secret key and inserting the code into the rest. The secret key is generated via a cryptographically secure pseudo-random number generator CSPRNG and XORed with the...

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to CVE-2024-38341.

Summary IBM Sterling Secure Proxy is vulnerable due to the use of a weak crypographic algorithm during hashing. Vulnerability Details CVEID:CVE-2024-38341 DESCRIPTION: IBM Sterling Secure Proxy uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly...

IBM Sterling Secure Proxy 安全漏洞

IBM Sterling Secure Proxy is an application agent from International Business Machines IBM used to ensure the secure transfer of files in an organization's unprotected zone DMZ. A security vulnerability exists in IBM Sterling Secure Proxy that stems from the use of a weak encryption algorithm tha...

ABB M2M Gateway Uncontrolled Resource Consumption in embedded Bind (CVE-2023-2828)

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...

CVE-2024-10128

A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file td.js.gz. The manipulation leads to risky cryptographic algorithm. The attack may be launched remotely. The exploit has been...

CVE-2024-38883

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation...

CVE-2024-3130

Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local attacker to unauthorized access to sensitive data via Decryption algorithm and key obtained after decompiling app...

CVE-2024-25963

Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure...

CVE-2024-29886

Serverpod is an app and web server, built for the Flutter and Dart ecosystem. An issue was identified with the old password hash algorithm that made it susceptible to rainbow attacks if the database was compromised. This vulnerability is fixed by 1.2.6...

CVE-2024-1040

Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device...

CVE-2024-36496

The configuration file is encrypted with a static key derived from a static five-character password which allows an attacker to decrypt this file. The application hashes this five-character password with the outdated and broken MD5 algorithm no salt and uses the first five bytes as the key for RC...

CVE-2024-5559

CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could cause denial of service, device reboot, or an attacker gaining full control of the relay when a specially crafted reset token is entered into the front panel of the device...

CVE-2024-54150

cjwt is a C JSON Web Token JWT Implementation. Algorithm confusion occurs when a system improperly verifies the type of signature used, allowing attackers to exploit the lack of distinction between signing methods. If the system doesn't differentiate between an HMAC signed token and an RS/EC/PS...