14 matches found
EUVD-2021-23340
Malware in sbrugna...
EUVD-2020-0220
Malware in sbrugna...
CVE-2021-36751
ENC DataVault 7.2.3 and before, and OEM versions, use an encryption algorithm that is vulnerable to data manipulation without knowledge of the key. This is called ciphertext malleability. There is no data integrity mechanism to detect this manipulation...
CVE-2022-24404 Ciphertext Malleability in TETRA
Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion...
CVE-2022-24404 Ciphertext Malleability in TETRA
Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion...
CVE-2021-36751
ENC DataVault 7.2.3 and before, and OEM versions, use an encryption algorithm that is vulnerable to data manipulation without knowledge of the key. This is called ciphertext malleability. There is no data integrity mechanism to detect this manipulation...
CVE-2021-36751
ENC DataVault 7.2.3 and before, and OEM versions, use an encryption algorithm that is vulnerable to data manipulation without knowledge of the key. This is called ciphertext malleability. There is no data integrity mechanism to detect this manipulation...
Design/Logic Flaw
ENC DataVault 7.2.3 and before, and OEM versions, use an encryption algorithm that is vulnerable to data manipulation without knowledge of the key. This is called ciphertext malleability. There is no data integrity mechanism to detect this manipulation...
CVE-2021-36751
ENC DataVault 7.2.3 and earlier, including OEM versions, use a cryptographic algorithm vulnerable to ciphertext malleability, and lack a data-integrity check. An attacker could modify ciphertext, causing corresponding plaintext changes. The vulnerability is tied to ENC DataVault’s encryption choi...
PT-2022-10543 · Unknown · Enc Datavault Oem +1
Name of the Vulnerable Software and Affected Versions: ENC DataVault versions 7.2.3 and before ENC DataVault OEM versions Description: The issue concerns the use of an encryption algorithm that is vulnerable to data manipulation, known as ciphertext malleability, without requiring knowledge of th...
CVE-2021-36751
ENC DataVault 7.2.3 and before, and OEM versions, use an encryption algorithm that is vulnerable to data manipulation without knowledge of the key. This is called ciphertext malleability. There is no data integrity mechanism to detect this manipulation...
Ciphertext Malleability Issue in Tink Java
Impact Tink's Java version before 1.5 under some circumstances allowed attackers to change the key ID part of the ciphertext, resulting in the attacker creating a second ciphertext that will decrypt to the same plaintext. This can be a problem in particular in the case of encrypting with a...
GHSA-G5VF-V6WF-7W2R Ciphertext Malleability Issue in Tink Java
Impact Tink's Java version before 1.5 under some circumstances allowed attackers to change the key ID part of the ciphertext, resulting in the attacker creating a second ciphertext that will decrypt to the same plaintext. This can be a problem in particular in the case of encrypting with a...
Google Nexus Synaptics Touchscreen Firmware Injection(CVE-2017-0433)
Products Nexus 6P Nexus 9 Android One Pixel Pixel XL Vulnerable Versions Verified on Nexus 9 6.0.1/MOB30W Verified on Nexus 9 7.0/NRD90M Technical Details Due to lenient SELinux and DAC policy, vulnerable Synaptics DSX touchscreen driver sysfs file entires are exposed to an attacker that executes...