CVE-2020-6987

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed...

Information disclosure

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed...

CVE-2020-6987

CVE-2020-6987 affects Moxa PT-7528 (firmware ≤4.0) and PT-7828 (firmware ≤3.9) Ethernet switches. The vulnerability is a weak cryptographic algorithm that may disclose confidential information. The issue is documented with CVSSv3.1 base score 7.5 (Network attack, no privileges, high confidentiali...

CVE-2020-6987

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed...

Security Bulletin: IBM API Connect is impacted by weak cryptographic algorithms (CVE-2019-4553)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-4553 DESCRIPTION: IBM API Connect uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CVSS Base score: 5.9 CVSS Temporal...

Moxa PT-7528 and PT-7828 Series Weak Cryptographic Algorithm Vulnerability

Moxa PT-7528 and PT-7828 Series are both Ethernet switches manufactured by Moxa. A weak cryptographic algorithm vulnerability exists in the Moxa PT-7528 and PT-7828 Series, which can be exploited by attackers to obtain sensitive information...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: EDS-G516E series, and EDS-510E series Vulnerabilities: Stack-based Buffer Overflow, Use of a Broken or Risky Cryptographic Algorithm, Use of Hard-coded Cryptographic Key, Use of...

Moxa MB3xxx Series Protocol Gateways

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: MB3170 series, MB3180 series, MB3270 series, MB3280 series, MB3480 series, and MB3660 series Vulnerabilities: Stack-based Buffer Overflow, Integer Overflow to Buffer Overflow,...

Moxa PT-7528 and PT-7828 Series Ethernet Switches

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: PT-7528 Series and PT-7828 Series Vulnerabilities: Stack-based Buffer Overflow, Use of a Broken or Risky Cryptographic Algorithm, Use of Hard-coded Cryptographic Key, Use of...

Security Bulletin: Weak Cryptographic Algorithm Vulnerability Affects IBM Sterling B2B Integrator (CVE-2018-1720)

Summary IBM Sterling B2B Integrator Standard Edition has addressed the weak cryptographic algorithm vulnerability. Vulnerability Details CVEID: CVE-2018-1720 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition uses weaker than expected cryptographic algorithms that could allow an attacker t...

Security Bulletin: Multiple security vulnerabilities have been addressed in IBM Security Directory Server

Summary Multiple security vulnerabilities have been fixed and delivered in IBM Security Directory Server. Vulnerability Details CVEID: CVE-2019-4551 DESCRIPTION: IBM Security Directory Server does not perform an authentication check for a critical resource or functionality allowing anonymous user...

Bit Flipping Attack

parsel is vulnerable to bit flipping attack. The use of an insecure cryptographic algorithm aes-256-cbc without any integrity checks causes its ciphertext to be easily broken by bit-flipping attacks...

Security Bulletin: OpenSSL as used by IBM QRadar Network Packet Capture is vulnerable to (CVE-2019-1559)

Summary The software does not implement a required step in a cryptographic algorithm Vulnerability Details CVEID: CVE-2019-1559 DESCRIPTION: If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can...

CVE-2019-4609

IBM API Connect 2018.4.1.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 168510...

Siemens SIMATIC S7-1200 and S7-1500 CPU Families (Update B)

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7-1200 and S7-1500 CPU families Vulnerabilities: Use of a Broken or Risky Cryptographic Algorithm, Missing Support for Integrity Check 2. UPDATE INFORMATION This updated...

Mitsubishi_electric Qj71e71-100 Use of a Broken or Risky Cryptographic Algorithm

An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. Weakly encrypted passwords are transmitted to a MELSEC-Q PLC. File data ot500312.nasl...

Microsoft Office365 Integrity Validation / Remote Code Execution

Exploit Title: Microsoft Office365 Remote Code Execution Vulnerability Date: 2/11/19 Exploit Author: Social Engineering Neo - @EngineeringNeo Vendor Homepage: https://microsoft.com Software Link: https://office.com Version: Office365/ProPlus build 16.0.11727.20222, 16.0.11901.20170,...

Microsoft Office 365 / ProPlus 16.0.11929.202.88 docx2docm Protection Bypass Vulnerability

Exploit Title: Microsoft Office365 Remote Code Execution Vulnerability Date: 2/11/19 Exploit Author: Social Engineering Neo - @EngineeringNeo Vendor Homepage: https://microsoft.com Software Link: https://office.com Version: Office365/ProPlus build 16.0.11727.20222, 16.0.11901.20170,...

The vulnerability of the microprogramming software for Moxa MGate MB3170, MB3180, MB3270, MB3280, MB3480, and MB3660 arises from the use of a unstable cryptographic algorithm. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the microprogrammed software of Moxa MGate MB3170, MB3180, MB3270, MB3280, MB3480, and MB3660 is related to the use of a unstable cryptographic algorithm. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...

Exploit for Use of a Broken or Risky Cryptographic Algorithm in Google Android

README Repository about the Key Negotiation Of Bluetooth KN...