5320 matches found
CVE-2022-46832
CVE-2022-46832 affects SICK RFU62x firmware pre-2.21. The issue arises when a user requests encryption with a weak cipher suite via SSH, enabling a low-privilege remote attacker to decrypt data due to use of a broken/risky cryptographic algorithm. A patch/update to version 2.21 or later is availa...
CVE-2022-46834
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the...
CVE-2022-46832
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware versions before 2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmwa...
CVE-2022-46833
The CVE-2022-46833 entry describes a vulnerability in SICK RFU63x firmware prior to version 2.21 where requesting weak cipher suites via SSH enables a low-privileged remote attacker to decrypt data due to use of a broken/risky cryptographic algorithm. Impact is confidentiality loss (C:H) with net...
Siemens SCALANCE Products
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
[SECURITY] Fedora 37 Update: sfnt2woff-zopfli-1.3.1-3.fc37
This is a modified version of the sfnt2woff utility that uses Zopfli as a compression algorithm instead of zlib. This results in compression gains of, on average, 5-8% compared to regular WOFF files. Zopfli generates compressed output that is...
Fedora: Security Advisory for sfnt2woff-zopfli (FEDORA-2022-458378be7a)
The remote host is missing an update for the...
Fedora: Security Advisory for sfnt2woff-zopfli (FEDORA-2022-f0980dffd1)
The remote host is missing an update for the...
IBM Sterling Secure Proxy Weak Encryption Vulnerability
IBM Sterling Secure Proxy is an application agent used by International Business Machines (IBM) to secure the transfer of files in an organization's non-protected area (DMZ). IBM Sterling Secure Proxy version 6.0.3 contains a weak encryption vulnerability that stems from the use of a...
A vulnerability in the httpd daemon of the firmware of TP-Link's TL-WR940N router allows an intruder to gain unauthorized access to protected information
The vulnerability in the httpd daemon of the firmware of TP-Link's TL-WR940N router is related to the incorrect implementation of the authentication algorithm. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to...
French Electricity Provider Fined for Storing Users' Passwords with Weak MD5 Algorithm
The French data protection watchdog on Tuesday fined electricity provider Électricité de France (EDF) €600,000 for violating the European Union General Data Protection Regulation (GDPR) requirements. The Commission nationale de l'informatique et des libertés (CNIL) said the electric utility breached...
WordPress Appointment Hour Booking plugin weak algorithm vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A weak algorithmic...
Design/Logic Flaw
The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and including, 1.3.72. This is due to the use of an insufficiently strong hashing algorithm on the CAPTCHA secret that is also displayed to the user via a cookie...
CVE-2022-4036 Appointment Hour Booking <= 1.3.72 - CAPTCHA Bypass
The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and including, 1.3.72. This is due to the use of an insufficiently strong hashing algorithm on the CAPTCHA secret that is also displayed to the user via a cookie...
CVE-2022-4036 Appointment Hour Booking <= 1.3.72 - CAPTCHA Bypass
The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and including, 1.3.72. This is due to the use of an insufficiently strong hashing algorithm on the CAPTCHA secret that is also displayed to the user via a cookie...
Appointment Hour Booking < 1.3.73 - CAPTCHA Bypass
The plugin does not have a strong hashing algorithm on the CAPTCHA secret, and displays it to the user via a cookie, which could allow them to bypass the protection in place...
dhcp security and enhancement update
12:4.4.2-17.b1 - omshell: add support for hmac-sha512 algorithm 2083553 12:4.4.2-16.b1 - Fix for CVE-2021-25220...
GHSA-HC4J-7MQG-CXJJ PHPServerMon PRNG has Insufficient Entropy
A vulnerability, which was classified as problematic, was found in phpservermon. Affected is the function setUserLoggedIn of the file src/psm/Service/User.php. The manipulation leads to the use of a predictable algorithm in the random number generator. The exploit has been disclosed to the public and may b...
PHPServerMon PRNG has Insufficient Entropy
A vulnerability, which was classified as problematic, was found in phpservermon. Affected is the function setUserLoggedIn of the file src/psm/Service/User.php. The manipulation leads to the use of a predictable algorithm in the random number generator. The exploit has been disclosed to the public and may b...
GHSA-97W9-GCC7-VR8G Insufficient Entropy in PHPServerMon PRNG
A vulnerability, which was classified as problematic, was found in phpservermon. This affects the function generatePasswordResetToken of the file src/psm/Service/User.php. The manipulation leads to the use of a predictable algorithm in the random number generator. The exploit has been disclosed to the publ...