5308 matches found

Cvelist
added 2025/04/25 5:55 p.m. · 37 views

CVE-2024-30152 HCL SX is affected by usage of a weak cryptographic algorithm

HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit this weakness to gain access to sensitive information, modify data, or other impacts...

CVSS 6.5 · EPSS 0.00184
Exploits: 0 · References: 1

Vulnrichment
added 2025/04/25 5:55 p.m. · 9 views

CVE-2024-30152 HCL SX is affected by usage of a weak cryptographic algorithm

HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit this weakness to gain access to sensitive information, modify data, or other impacts...

CVSS 6.5 · AI score 6.6 · EPSS 0.00184
Exploits: 0 · References: 1

CNVD
added 2025/04/25 12:0 a.m. · 7 views

IBM Aspera Console Encryption Issue Vulnerability

IBM Aspera Console is a Web-based application from International Business Machines (IBM) that allows users to centrally manage, monitor and control Aspera servers nodes and transports. An encryption issue vulnerability exists in IBM Aspera Console 3.4.4 and prior versions, which stems from the use of a...

CVSS 7.5 · AI score 6 · EPSS 0.00178
Exploits: 0 · References: 1

Positive Technologies
added 2025/04/25 12:0 a.m. · 4 views

PT-2025-17933 · Hcl · Hcl Sx

Name of the Vulnerable Software and Affected Versions: HCL SX version 21
Description: The issue is related to the usage of a weak cryptographic algorithm. An attacker could exploit this weakness to gain access to sensitive information, modify data, or cause other impacts.
Recommendations: For HCL...

CVSS 6.5 · AI score 6.2 · EPSS 0.00184
Exploits: 0 · References: 5

OSV
added 2025/04/22 4:56 p.m. · 10 views

GO-2025-3610 Mattermost vulnerable to Incorrect Implementation of Authentication Algorithm in github.com/mattermost/mattermost-server

Mattermost vulnerable to Incorrect Implementation of Authentication Algorithm in github.com/mattermost/mattermost-server...

CVSS 5.4 · AI score 6.7 · EPSS 0.00187
Exploits: 0 · References: 4

Packet Storm News
added 2025/04/22 12:0 a.m. · 2 views

Blockchain Meets Adaptive Honeypots: a Trust-Aware Approach to Next-Gen IoT Security

Edge computing-based Next-Generation Wireless Networks (NGWN)-IoT offer enhanced bandwidth capacity for large-scale service provisioning but remain vulnerable to evolving cyber threats. Existing intrusion detection and prevention methods provide limited security as adversaries continually adapt the...

AI score 7.1
Exploits: 0

Packet Storm News
added 2025/04/21 12:0 a.m. · 3 views

A Refreshment Stirred, Not Shaken (III): Can Swapping Be Differentially Private?

The quest for a precise and contextually grounded answer to the question in the present paper's title resulted in this stirred-not-shaken triptych, a phrase that reflects our desire to deepen the theoretical basis, broaden the practical applicability, and reduce the misperception of differential...

AI score 6.7
Exploits: 0

Packet Storm News
added 2025/04/20 12:0 a.m. · 4 views

Reveal-Or-Obscure: a Differentially Private Sampling Algorithm for Discrete Distributions

We introduce a differentially private (DP) algorithm called reveal-or-obscure (ROO) to generate a single representative sample from a dataset of $n$ observations drawn i.i.d. from an unknown discrete distribution $P$. Unlike methods that add explicit noise to the estimated empirical distribution, ROO...

AI score 6.7
Exploits: 0

OSV
added 2025/04/14 3:31 p.m. · 9 views

GHSA-6RQH-8465-2XCW Mattermost vulnerable to Incorrect Implementation of Authentication Algorithm

Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to invalidate the cache when a user account is converted to a bot, which allows an attacker to log in to the bot exactly one time via normal credentials...

CVSS 5.4 · AI score 6.8 · EPSS 0.00187
Exploits: 0 · References: 9

Fedora
added 2025/04/11 6:32 p.m. · 12 views

[SECURITY] Fedora 42 Update: perl-Data-Entropy-0.008-1.fc42

This module maintains a concept of a current selection of entropy source. Algorithms that require entropy, such as those in Data::Entropy::Algorithms, can use the source nominated by this module, avoiding the need for entropy source objects to be explicitly passed around. This is convenient becau...

CVSS 7.7 · AI score 6.8 · EPSS 0.00167
Exploits: 0

BDU FSTEC
added 2025/04/10 12:0 a.m. · 6 views

The vulnerability of the implementation of the AWS4-HMAC-SHA256 algorithm in the cross-platform FTP server CrushFTP allows a hacker to bypass security restrictions, gain access to the administrator account, and execute arbitrary commands.

The vulnerability of the AWS4-HMAC-SHA256 algorithm implementation in the cross-platform FTP server CrushFTP relates to the bypassing of authentication by using the default crushadmin account. Exploiting this vulnerability allows a malicious actor to circumvent security restrictions, gain access ...

CVSS 10 · AI score 8.3 · EPSS 0.99963
Exploits: 20 · References: 8 · Affected Software: 1

Tenable Nessus
added 2025/04/10 12:0 a.m. · 24 views

CBL Mariner 2.0 Security Update: erlang (CVE-2025-30211)

The version of erlang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-30211 advisory. - Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.1...

CVSS 7.5 · AI score 7.2 · EPSS 0.00405
Exploits: 0 · References: 2

CNNVD
added 2025/04/08 12:0 a.m. · 2 views

Dnn.Platform Security Vulnerability

Dnn.Platform is an open source web content management platform (CMS) open sourced by Dnn Software. A security vulnerability exists in Dnn.Platform, which stems from a low complexity CAPTCHA generation algorithm that is easily recognized by OCR tools...

CVSS 6.5 · AI score 6.4 · EPSS 0.00255
Exploits: 0 · References: 4

OSV
added 2025/04/03 12:54 p.m. · 3 views

OESA-2025-1364 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Erlang/OTP is a set of libraries for the Erlang...

CVSS 7.5 · AI score 6.8 · EPSS 0.00405
Exploits: 0 · References: 2

SUSE CVE
added 2025/04/01 1:43 a.m. · 1 views

SUSE CVE-2025-30211

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names (64 characters) provided in K...

CVSS 7.5 · AI score 9.1 · EPSS 0.00405
Exploits: 0 · References: 4

OSV
added 2025/03/28 3:15 p.m. · 0 views

DEBIAN-CVE-2025-30211

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names (64 characters) provided in K...

CVSS 7.5 · AI score 7.2 · EPSS 0.00405
Exploits: 0 · References: 1

Vulnrichment
added 2025/03/28 2:55 p.m. · 20 views

CVE-2025-30211 KEX init error results with excessive memory usage

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names (64 characters) provided in K...

CVSS 7.5 · AI score 7 · EPSS 0.00405
Exploits: 0 · References: 1

Cvelist
added 2025/03/28 2:55 p.m. · 23 views

CVE-2025-30211 KEX init error results with excessive memory usage

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names (64 characters) provided in K...

CVSS 7.5 · EPSS 0.00405
Exploits: 0 · References: 1

CVE
added 2025/03/28 2:55 p.m. · 123 views

CVE-2025-30211

CVE-2025-30211 affects Erlang/OTP: prior to OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a malicious KEX init message can trigger high memory usage because the implementation does not verify RFC limits on 64-character algorithm names in KEX init messages, leading to memory allocation for processing mali...

CVSS 7.5 · AI score 7 · EPSS 0.00405
Exploits: 0 · References: 2

Cvelist
added 2025/03/28 12:54 p.m. · 15 views

CVE-2024-7407 Weak password encoding in Streamsoft Prestiż

Use of a custom password encoding algorithm in Streamsoft Prestiż software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how passwords are...

CVSS 8.2 · EPSS 0.0035
Exploits: 0 · References: 2