CVE-2021-46559

The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to defeat an inspection mechanism for integrity protection...

Information disclosure

The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to defeat an inspection mechanism for integrity protection...

CVE-2021-43394

Unisys OS 2200 Messaging Integration Services NTSI 7R3B IC3 and IC4, 7R3C, and 7R3D has an Incorrect Implementation of an Authentication Algorithm. An LDAP password is not properly validated...

Authentication flaw

Unisys OS 2200 Messaging Integration Services NTSI 7R3B IC3 and IC4, 7R3C, and 7R3D has an Incorrect Implementation of an Authentication Algorithm. An LDAP password is not properly validated...

CVE-2021-43394

Unisys OS 2200 Messaging Integration Services NTSI 7R3B IC3 and IC4, 7R3C, and 7R3D has an Incorrect Implementation of an Authentication Algorithm. An LDAP password is not properly validated...

CVE-2021-43394

Unisys OS 2200 Messaging Integration Services (NTSI) affects 7R3B IC3/IC4, 7R3C, and 7R3D. The issue is an Incorrect Implementation of an Authentication Algorithm, specifically LDAP password validation is not properly performed. The connected documents consistently describe this as the root cause...

GHSA-FJ2W-WFGV-MWQ6 Denial of service in CBOR library

Impact Due to this library's use of an inefficient algorithm, it is vulnerable to a denial of service attack when a maliciously crafted input is passed to DecodeFromBytes or other CBOR decoding mechanisms in this library. Affected versions include versions 4.0.0 through 4.5.0. This vulnerability...

CVE-2021-41835 Fresenius Kabi Agilia Connect Infusion System use of a broken or risky cryptographic algorithm

Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an automated redirect from the unencrypted service on Port...

CVE-2021-41835 Fresenius Kabi Agilia Connect Infusion System use of a broken or risky cryptographic algorithm

Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an automated redirect from the unencrypted service on Port...

CVE-2021-33846 Fresenius Kabi Agilia Connect Infusion System use of a broken or risky cryptographic algorithm

Fresenius Kabi Vigilant Software Suite Mastermed Dashboard version 2.0.1.3 issues authentication tokens to authenticated users that are signed with a symmetric encryption key. An attacker in possession of the key can issue valid JWTs and impersonate arbitrary users...

CVE-2021-33846 Fresenius Kabi Agilia Connect Infusion System use of a broken or risky cryptographic algorithm

Fresenius Kabi Vigilant Software Suite Mastermed Dashboard version 2.0.1.3 issues authentication tokens to authenticated users that are signed with a symmetric encryption key. An attacker in possession of the key can issue valid JWTs and impersonate arbitrary users...

CVE-2021-23842 Use of Hard-coded Cryptographic Key

Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric encryption called Blowfish. An attacker could retrieve the key from the firmware to decrypt network traffic between the AMC2 and the host system. Thus, an attacker can exploit this vulnerability to decrypt and...

[SECURITY] Fedora 35 Update: zstd-1.5.1-6.fc35

Zstd, short for Zstandard, is a fast lossless compression algorithm, targeting real-time compression scenarios at zlib-level compression ratio...

IBM Security Verify encryption issue vulnerability

IBM Security VerifyAccess ISAM is a service from IBM USA that improves user access security. The service enables secure and simple access to platforms such as Web, mobile, IoT, and cloud technologies through the use of risk-based access, single sign-on, integrated access management controls,...

Researchers Decrypted Qakbot Banking Trojan's Encrypted Registry Keys

Cybersecurity researchers have decoded the mechanism by which the versatile Qakbot banking trojan handles the insertion of encrypted configuration data into the Windows Registry. Qakbot, also known as QBot, QuackBot and Pinkslipbot, has been observed in the wild since 2007. Although mainly...

CVE-2021-3979

A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks...

CVE-2021-40006

Vulnerability of design defects in the security algorithm component. Successful exploitation of this vulnerability may affect confidentiality...

CVE-2021-40006

Vulnerability of design defects in the security algorithm component. Successful exploitation of this vulnerability may affect confidentiality...

Design/Logic Flaw

Vulnerability of design defects in the security algorithm component. Successful exploitation of this vulnerability may affect confidentiality...

IBM Security Verify 加密问题漏洞

IBM Security VerifyAccess ISAM is a service from IBM USA that improves user access security. The service enables secure and simple access to platforms such as Web, mobile, IoT, and cloud technologies through the use of risk-based access, single sign-on, integrated access management controls,...