Lucene search
+L

4 matches found

Github Security Blog
Github Security Blog
added 2025/11/24 3:30 p.m.7 views

Apache Syncope's AES encryption stores hard-coded passwords in internal database

Apache Syncope can be configured to store the user password values in the internal database with AES encryption, though this is not the default option. When AES is configured, the default key value, hard-coded in the source code, is always used. This allows a malicious attacker, once obtained...

7.5CVSS6.8AI score0.00448EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 11:12 p.m.7 views

CVE-2022-36617

Arq Backup 7.19.5.0 and below stores backup encryption passwords using reversible encryption. This issue allows attackers with administrative privileges to recover cleartext passwords...

4.9CVSS7AI score0.00442EPSS
Exploits0References1
0day.today
0day.today
added 2022/01/17 12:0 a.m.264 views

Cisco IP Phone Cleartext Password Storage Vulnerability

Cisco IP Phone Series 78x1, 88x5, 88x1, 7832, 8832, 8821 and 3905 suffer from an insecure password storage vulnerability. ======================================================================= title: Cleartext Storage of Phone Password product: Cisco IP Phone Series 78x1, 88x5, 88x1, 7832, 8832,...

4.6CVSS5.6AI score0.00351EPSS
Exploits3
securityvulns
securityvulns
added 2005/05/10 12:0 a.m.24 views

Digital Video Surveillance System weak authentication

Authentication mechanism is vulnerable to man-in-the-midle attack replay attack and cleartext recovery...

3AI score
Exploits0References1Affected Software1
Rows per page
Query Builder