Motorola Solutions ACE1000 信任管理问题漏洞

The Motorola Solutions ACE1000 is a Remote Terminal Unit RTU from Motorola Solutions USA. A security vulnerability exists in the Motorola Solutions ACE1000 RTU version that originates from communication with the XRT LAN to the radio gateway via an embedded client, where access credentials to this...

The vulnerability of the Motorola Data Link Communication protocol’s implementation lies in the use of the Tiny Encryption Algorithm (TEA) in the ECB mode. This allows a intruder to gain unauthorized access to the protected information.

The vulnerability of the Motorola Data Link Communication MDLC protocol lies in the use of the Tiny Encryption Algorithm TEA for block encryption in the ECB mode. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to protected information...

CVE-2022-28382

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...

CVE-2022-28382

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...

GHSA-R9Q2-3R6X-QMGP Inadequate Encryption Strength in Jenkins

Jenkins before versions 2.44 and 2.32.2 uses AES ECB block cipher mode without IV for encrypting secrets which makes Jenkins and the stored secrets vulnerable to unnecessary risks SECURITY-304...

CVE-2021-0967

In vorbisbookdecodevset of codebook.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-1...

Xiph Libvorbis Input Validation Error Vulnerability

Xiph Libvorbis is a tool from the Xiph Foundation that can be used to codec audio. The tool has a common music encoding format built in. An input validation error vulnerability exists in versions of Xiph Libvorbis prior to 1.3.6, which stems from lib/codebook.c not performing array bounds checkin...

CVE-2020-0498

In decodepackedentrynumber of codebook.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android...

CVE-2020-0498

In decodepackedentrynumber of codebook.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android...

CVE-2020-11829

Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.05493e40200722...

CVE-2020-11829

Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.05493e40200722...

Type74 ED before 4.0 misuses 128-bit ECB encryption for small files which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.

...

Zoom Client for Meetings Encryption Issue Vulnerability

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. An encryption issue vulnerability exists in Zoom Client for Meetings version 4.6.9 and earlier, which stems from the fact that Zoom Client for Meetings uses ECB mode of AES for video and audio...

CVE-2020-11500

Zoom Client for Meetings through 4.6.9 uses the ECB mode of AES for video and audio encryption. Within a meeting, all participants use a single 128-bit key...

PT-2020-12650 · Microsoft +1 · Office 365 +2

Name of the Vulnerable Software and Affected Versions: Zoom Client for Meetings versions 4.6.9 and earlier Microsoft Office 365 affected versions not specified Description: The issue concerns the use of the ECB mode of AES for encryption, which can reveal structural information about encrypted...

GHSA-2J2X-HX4G-2GF4 In Bouncy Castle JCE Provider the DHIES implementation allowed the use of ECB mode

In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider...

bouncycastle: ECIES implementation allowed the use of ECB mode

In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider...

bouncycastle: ECIES implementation allowed the use of ECB mode

In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider...

DEBIAN-CVE-2016-1000352

In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider...

Debian DLA-1312-1 : libvorbisidec security update

Huzaifa Sidhpurwala discovered that an out-of-bounds memory write in the codebook parsing code of the Libtremor multimedia library could result in the execution of arbitrary code if a malformed Vorbis file is opened. For Debian 7 'Wheezy', these problems have been fixed in version...