4 matches found
Triangle MicroWorks SCADA Data Gateway 安全漏洞
Triangle MicroWorks SCADA Data Gateway is a SCADA data gateway product developed by Triangle MicroWorks, Inc. and is mainly used for data acquisition and monitoring in industrial automation control systems. Triangle MicroWorks SCADA Data Gateway suffers from an information disclosure vulnerabilit...
GHSA-44PR-MGCP-V36R SimpleSAMLphp Unauthenticated encryption in CBC mode
SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle attackers to obtain sensitive information by leveraging use of the aesEncrypt and aesDecrypt methods in the SimpleSAML/Utils/Crypto class to protect session identifiers in replies to non-HTTPS service providers...
Code injection
SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle attackers to obtain sensitive information by leveraging use of the aesEncrypt and aesDecrypt methods in the SimpleSAML/Utils/Crypto class to protect session identifiers in replies to non-HTTPS service providers...
CVE-2017-12870
SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle attackers to obtain sensitive information by leveraging use of the aesEncrypt and aesDecrypt methods in the SimpleSAML/Utils/Crypto class to protect session identifiers in replies to non-HTTPS service providers...