10 matches found
EUVD-2024-40429
Malicious code in bioql PyPI...
CVE-2024-45374
The goTenna Pro ATAK plugin uses a weak password for sharing encryption keys via the key broadcast method. If the broadcasted encryption key is captured over RF, and password is cracked via brute force attack, it is possible to decrypt it and use it to decrypt all future and past messages sent vi...
CVE-2024-43694
In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static IV on the device. This allows for complete decryption of keys stored on the device. This allows an attacker to decrypt all encrypted broadcast communications based on broadcast keys stored on the device...
CVE-2024-43694 goTenna Pro ATAK Plugin Insecure Storage of Sensitive Information
In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static IV on the device. This allows for complete decryption of keys stored on the device. This allows an attacker to decrypt all encrypted broadcast communications based on broadcast keys stored on the device...
CVE-2024-43694
The CVE-2024-43694 issue affects the goTenna Pro ATAK Plugin. Insecure storage of encryption keys with a static IV on the End User Device enables full decryption of device-stored keys and thus all encrypted broadcast communications. Affected versions include goTenna Pro ATAK Plugin prior to the f...
CVE-2024-43694 goTenna Pro ATAK Plugin Insecure Storage of Sensitive Information
In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static IV on the device. This allows for complete decryption of keys stored on the device. This allows an attacker to decrypt all encrypted broadcast communications based on broadcast keys stored on the device...
CVE-2024-45374 goTenna Pro ATAK Plugin Weak Password Requirements
The goTenna Pro ATAK plugin uses a weak password for sharing encryption keys via the key broadcast method. If the broadcasted encryption key is captured over RF, and password is cracked via brute force attack, it is possible to decrypt it and use it to decrypt all future and past messages sent vi...
CVE-2024-45374
The CVE-2024-45374 entry concerns the goTenna Pro ATAK Plugin, where encryption keys are shared via a key broadcast method that uses weak passwords. If the broadcasted key is captured over RF and cracked, all past and future messages encrypted with that key can be decrypted. This vulnerability ap...
goTenna Pro 安全漏洞
goTenna Pro is a series of devices from goTenna that can create networks for off-grid communications and situational awareness. A security vulnerability exists in goTenna Pro versions 1.9.12 and earlier, which stems from an encryption key being stored with a static IV, which allows the key stored...
cman security, bug fix, and enhancement update
2.0.115-1 - RSA II fencing agent has been fixed. - Resolves: rhbz493802 2.0.114-1 - local variable 'verbosefilename' referenced before assignment has been fixed - RSA II fencing agent has been fixed. - Resolves: rhbz493802 rhbz514758 2.0.113-1 - Limitations with 2-node fencescsi are now properly...