Important: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVE-2025-15618

Business::OnlinePayment::StoredTransaction versions through 0.01 for Perl uses an insecure secret key. Business::OnlinePayment::StoredTransaction generates a secret key by using a MD5 hash of a single call to the built-in rand function, which is unsuitable for cryptographic use. This key is...

Ivanti Endpoint Manager Encryption Misuse Vulnerability

Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to manage all endpoint devices in an enterprise network. Ivanti Endpoint Manager suffers from a cryptographic misuse vulnerability that stems from an incorrect cryptographic implementation, which can be...

Ivanti Endpoint Manager 安全漏洞

Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to manage all endpoint devices in an enterprise network. Ivanti Endpoint Manager suffers from a cryptographic misuse vulnerability that stems from an incorrect cryptographic implementation, which can be...

okhttp: information disclosure via improperly used cryptographic function

In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Produc...

okhttp: information disclosure via improperly used cryptographic function

In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Produc...

Oclean Mobile Application Encryption Issue Vulnerability

An encryption issue vulnerability exists in Oclean Mobile Application, which arises from a network system or product that does not properly use the relevant cryptographic algorithms, resulting in content that is not properly encrypted, weakly encrypted, and sensitive information stored in plainte...

CVE-2020-6874

A ZTE product is impacted by the cryptographic issues vulnerability. The encryption algorithm is not properly used, so remote attackers could use this vulnerability for account credential enumeration attack or brute-force attack for password guessing. This affects: ZXIPTV, ZXIPTV-WEB-PV5.09.08.04...

TP-Link TL-WR1043ND Encryption Issue Vulnerability

The TP-Link TL-WR1043ND is a wireless router from China P&L TP-Link. An encryption issue vulnerability exists in the TP-Link TL-WR1043ND V2. The vulnerability stems from a network system or product that does not properly use the relevant cryptographic algorithms, and can be exploited by an attack...

Moxa AWK-3121 Encryption Issues Vulnerability

Moxa AWK-3121 is an industrial-grade wireless access point from Moxa Taiwan, China. An encryption issue vulnerability exists in Moxa AWK-3121 version 1.14. The vulnerability stems from the network system or product not properly using the relevant cryptographic algorithms, resulting in content not...