5314 matches found
GHSA-7XG2-83F8-39MR The DES/3DES cipher was used as part of the TLS protocol by installation tools
Impact What kind of vulnerability is it? Who is impacted? The Karmada components deployed with karmadactl, karma-operator, and helm chart take Golang default cipher suites as part of the TLS protocol, which includes the insecure algorithm. Referring to...
CVE-2023-50350
HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption, potentially giving an attacker ability to decrypt sensitive information...
CVE-2023-50350
HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption, potentially giving an attacker ability to decrypt sensitive information...
Design/Logic Flaw
HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption, potentially giving an attacker ability to decrypt sensitive information...
CVE-2023-50350 A broken cryptographic algorithm impacts MyXalytics
HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption, potentially giving an attacker ability to decrypt sensitive information...
CVE-2023-50350 A broken cryptographic algorithm impacts MyXalytics
HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption, potentially giving an attacker ability to decrypt sensitive information...
Moxa ioLogik E1200 Series Use of a Broken or Risky Cryptographic Algorithm (CVE-2023-5962)
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization. This plugin...
GitLab 0.0 < 14.2.6 / 14.3 < 14.3.4 / 14.4 < 14.4.1 (CVE-2021-42574)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft sourc...
Oops! Black Basta ransomware flubs encryption
Researchers at SRLabs have made a decryption tool available for Black Basta ransomware, allowing some victims of the group to decrypt files without paying a ransom. The decryptor works for victims whose files were encrypted between November 2022 and December 2023. The decryptor, called Black Bast...
Weak Hashing Algorithm
bsock is vulnerable to a Weak Hashing Algorithm. The vulnerable is due to the libraries usage of weak hashing algorithm MD5, SHA1 within vendor\faye-websocket.js. This could allow an attacker to break the confidentiality of the websocket communication...
Advisory ROSA-SA-2023-2316
Software: libgcrypt 1.8.5 OS: ROSA Virtualization 2.1 packageevrstring: libgcrypt-1.8.5-7.rv3.src.rpm CVE-ID: CVE-2021-40528 BDU-ID: 2022-00593 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Libgcrypt cryptographic library is related to the use of a weak cryptographic algorithm. Exploitation ...
CVE-2023-5962
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization...
Authorization
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization...
CVE-2023-5962 ioLogik E1200 Series: Weak Cryptographic Algorithm Vulnerability
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization...
Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2023-3493)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-5594
Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted...
PT-2023-7999 · Eset · Eset Security For Microsoft Sharepoint Server +12
Name of the Vulnerable Software and Affected Versions: ESET NOD32 versions affected versions not specified ESET Internet Security versions affected versions not specified ESET Smart Security Premium versions affected versions not specified ESET Security Ultimate versions affected versions not...
Incorrect Termination Condition
Lines of code Vulnerability details The provided termination condition if pos = size / 2 && pos = size is incorrect. This condition is not suitable for terminating the maxHeapify function. It should instead be based on comparing values in the heap to ensure the max heap property. The condition if...
Bcoin Security Breach
Bcoin is an alternative implementation of the Bitcoin protocol open-sourced by Bcoin. A security vulnerability exists in Bcoin version 2.2.0, which stems from a vulnerability that allows remote attackers to obtain sensitive information via a weak hash algorithm in the component...
Ubuntu: Security Advisory (USN-6560-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...