Design/Logic Flaw

Use of a Broken or Risky Cryptographic Algorithm vulnerability in B&R Industrial Automation Automation Runtime SDM modules. The FTP server used on the B&R Automation Runtime supports unsecure encryption mechanisms, such as SSLv3, TLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws...

SUSE-SU-2024:0344-1 Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001324 fixes several issues. The following security issues were fixed: - CVE-2023-6932: Fixed a use-after-free vulnerability in the ipv4 igmp component that could lead to local privilege escalation bsc1218255. - CVE-2023-6176: Fixed a denial of service...

Insecure Cryptographic Algorithm

Ylianst MeshCentral is vulnerable to the use of an Insecure Cryptographic Algorithm. The vulnerability is due to the usage of the HMAC-MD5 algorithm, which allows an attacker to brute force the encrypted content...

IBM PowerSC Encryption Issue Vulnerability

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC suffers from an encryption issue vulnerability that stems from the use of a weaker-than-expected encryption algorithm, which could be exploited by an attacker to decry...

GHSA-V269-RRR6-CX6R Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm.

Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm...

CVE-2023-51838

Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm...

CVE-2023-51838

Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm...

Design/Logic Flaw

Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm...

CVE-2023-51838

Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm...

MeshCentral Security Vulnerability

MeshCentral is a complete web-based remote monitoring and management site for the MeshCentral community. A security vulnerability exists in MeshCentral version 1.1.16 that stems from an issue with the use of a corrupted or risky encryption algorithm...

IBM PowerSC 加密问题漏洞

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC has an encryption issue vulnerability that stems from the use of a weaker-than-expected encryption algorithm, which could be exploited by an attacker to decrypt highly...

CVE-2023-51838

CVE-2023-51838 affects MeshCentral 1.1.16. The issue arises from Use of a Broken or Risky Cryptographic Algorithm; Veracode notes HMAC-MD5 usage. CVSS v3.1 base score 7.5 (HIGH) with Confidentiality impact HIGH. No explicit remediation or patch details are provided in the supplied documents; expl...

CVE-2023-51838

Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm...

Design/Logic Flaw

Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device...

CVE-2024-1040

CVE-2024-1040 affects Gessler GmbH WEB-MASTER, specifically version 7.9, where user passwords are stored using a weak hashing algorithm. The weakness allows an attacker to restore passwords by breaking the stored hashes (confirmed by multiple sources in connected documents). This vulnerability ha...

vantage6-algorithm-store (>=4.10.0 <=4.15.1rc1), vantage6-node (>=0.0.0 <=4.15.1rc1) +1 more potentially affected by CVE-2024-22193 via vantage6 (>=0.0.0 <=4.1.3)

vantage6 PYPI version =0.0.0, =4.10.0, =0.0.0, =0.0.0, =4.15.1rc1 Source cves: CVE-2024-22193 Source advisory: OSV:GHSA-RJMV-52MP-GJRR...

GHSA-W9H2-PX87-74VX vantage6 remote code execution vulnerability

Impact Authenticated users could inject code into algorithm environment variables Workarounds No...

vantage6 remote code execution vulnerability

Impact Authenticated users could inject code into algorithm environment variables Workarounds No...

Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives

A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware. The Federal Police of Brazil said it served five temporary arrest warrants and 13 search and seizure warrants in the states of São Paulo, Santa Catarina, Pará, Goiás, a...

New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility

Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet's infrastructure was dismantled in April 2022. A new variant of the malware is said to have been in development since September 2023, Zscaler ThreatLabz said in an analys...