45 matches found
USN-8418-1 libcrypt-saltedhash-perl vulnerability
It was discovered that Crypt-SaltedHash incorrectly generated salts using a cryptographically weak pseudo-random number generator. An attacker could possibly use this issue to predict generated salts, leading to a weakening of cryptographic protections...
EUVD-2026-26204
This vulnerability exists in e-Sushrut due to disclosure of sensitive information and hardcoded AES encryption keys in client-side JavaScript. An unauthenticated remote attacker could exploit this vulnerability by accessing the client-side code to extract sensitive information and cryptographic...
CVE-2026-42518
The CVE concerns e-Sushrut HMIS where sensitive data and hardcoded AES keys are exposed in client-side JavaScript. An unauthenticated remote attacker could access the client code to extract cryptographic keys, potentially compromising confidentiality and weakening cryptographic protections. Docum...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002399)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002399 advisory. Off-by-one error in the getprngbytes function in crypto/ansicprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat...
EUVD-2014-0657
Malware in sbrugna...
EUVD-2013-4231
Malware in sbrugna...
CVE-2025-59408
Flock Safety Bravo Edge AI Compute Device BRAVO00.00local20241017 ships with Secure Boot disabled. This allows an attacker to flash modified firmware with no cryptographic protections...
CVE-2025-59408
Flock Safety Bravo Edge AI Compute Device BRAVO00.00local20241017 ships with Secure Boot disabled. This allows an attacker to flash modified firmware with no cryptographic protections...
SUSE CVE-2014-9294
util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack...
Cisco Webex Meetings Desktop App for Mac Update Feature Code Execution (cisco-sa-webex-client-mac-X7vp65BL)
According to its self-reported version, Cisco Webex Meetings Desktop App for Mac is affected by a remote code execution vulnerability due to improper validation of cryptographic protections on files that are downloaded by the application as part of a software update. An unauthenticated, remote...
Input validation
A vulnerability in the software update feature of Cisco Webex Meetings Desktop App for Mac could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability is due to improper validation of cryptographic protections on files that are downloaded by...
CVE-2020-3342 Cisco Webex Meetings Desktop App for Mac Update Feature Code Execution Vulnerability
A vulnerability in the software update feature of Cisco Webex Meetings Desktop App for Mac could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability is due to improper validation of cryptographic protections on files that are downloaded by...
CVE-2020-3342 Cisco Webex Meetings Desktop App for Mac Update Feature Code Execution Vulnerability
A vulnerability in the software update feature of Cisco Webex Meetings Desktop App for Mac could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability is due to improper validation of cryptographic protections on files that are downloaded by...
Cisco Webex Meetings Desktop App for Mac Update Feature Code Execution Vulnerability
A vulnerability in the software update feature of Cisco Webex Meetings Desktop App for Mac could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability is due to improper validation of cryptographic protections on files that are downloaded by...
IEEE P1735 implementations may have weak cryptographic protections
Overview The P1735 IEEE standard describes methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plainte...
Insecure Psuedo-Random Number Generation (PRNG)
symfony/symfony uses insecure pseudo-random number generation PRNG. If an application is not using PHP 7, the opensslrandompseudobytes function fails to generate random numbers securely, allowing attackers to defeat the cryptographic protections easier...
CVE-2017-2380
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the Simple Certificate Enrollment Protocol SCEP implementation in the "Profiles" component. It allows remote attackers to bypass cryptographic protection mechanisms by leveraging DES support...
Debian Security Advisory DSA 3688-1 (nss - security update)
Several vulnerabilities were discovered in NSS, the cryptography library developed by the Mozilla project. CVE-2015-4000 David Adrian et al. reported that it may be feasible to attack Diffie-Hellman-based cipher suites in certain circumstances, compromising the confidentiality and integrity of da...
Debian: Security Advisory (DSA-3688-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-4754
ServerDocs Server in Apple OS X Server before 5.2 supports the RC4 cipher, which might allow remote attackers to defeat cryptographic protection mechanisms via unspecified vectors...