30 matches found
EUVD-2018-8075
Malware in sbrugna...
EUVD-2022-3615
Malicious code in bioql PyPI...
Apache OpenMeetings has Inadequate Encryption Strength
Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dialogs and auth forms missing brute force protection...
GHSA-CQM6-HRGQ-6869 Apache OpenMeetings has Inadequate Encryption Strength
Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dialogs and auth forms missing brute force protection...
One Identity Defender 5.9.3 Insecure Cryptographic Storage
Title: One Identity Defender - Insecure Cryptographic Storage Date: 01 September 2019 Affected Software: ================== One Identity Defender 5.9.3 Other versions are likely also vulnerable. Insecure Cryptographic Storage: ============================== Defender stores token seeds, PAP secret...
CVE-2018-16223
Insecure Cryptographic Storage of credentials in com.vestiacom.qbeecamerapreferences.xml in the QBee Cam application through 1.0.5 for Android allows an attacker to retrieve the username and password...
Default credentials
Insecure Cryptographic Storage of credentials in com.vestiacom.qbeecamerapreferences.xml in the QBee Cam application through 1.0.5 for Android allows an attacker to retrieve the username and password...
CVE-2018-16223
CVE-2018-16223 affects the QBee Cam Android app (up to version 1.0.5). The vulnerability is due to insecure cryptographic storage of credentials in com.vestiacom.qbeecamera_preferences.xml, enabling a-priori unauthorized retrieval of the username and password. NVD lists CVSSv3.0 as 9.8 (CRITICAL)...
CVE-2018-16223
Insecure Cryptographic Storage of credentials in com.vestiacom.qbeecamerapreferences.xml in the QBee Cam application through 1.0.5 for Android allows an attacker to retrieve the username and password...
CVE-2017-7673
Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dialogs and auth forms missing brute force protection...
CVE-2017-7673
Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dialogs and auth forms missing brute force protection...
Session fixation
Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dialogs and auth forms missing brute force protection...
CVE-2017-7673
Apache OpenMeetings 1.0.0 is affected by CVE-2017-7673 due to weak cryptographic storage and missing brute-force protection in authentication-related forms, with registration and password-reset flows lacking captcha. Connected docs confirm the vulnerability details but do not provide a remediatio...
CVE-2017-7673
Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dialogs and auth forms missing brute force protection...
Riverbed RiOS Insecure Cryptographic Storage
Riverbed RiOS insecure cryptographic storage CVE-2017-5670 Description Riverbed Steelhead hardware appliances are used to optimize and accelerate network traffic. They can be implemented as TLS endpoints, so they have a secure vault aimed to store private TLS certificates for servers. The secure...
ESA-2015-004: EMC M&R (Watch4Net) Multiple Vulnerabilities
ESA-2015-004: EMC M&R Watch4Net Multiple Vulnerabilities EMC Identifier: ESA-2015-004 CVE Identifier: CVE-2015-0513, CVE-2015-0514, CVE-2015-0515, CVE-2015-0516, CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6466, CVE-2014-6468,...
Multiple Vulnerabilities in D-Link DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A
Device Name: DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A Vendor: D-Link ============ Device Description: ============ DIR-300: http://www.dlink.com/de/de/home-solutions/connect/routers/dir-300-wirele... DIR-615:...
D-Link DIR-615 / DIR-300 XSS / CSRF / Command Injection Vulnerabilities
D-Link DIR-615 and DIR-300 suffer from cross site request forgery, OS command injection, lack of cryptographic storage, header injection, and cross site scripting vulnerabilities. Device Name: DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A Vendor: D-Link ============ Device...
D-Link DIR-615 Rev D3 / DIR-300 Rev A - Multiple Vulnerabilities
Device Name: DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A Vendor: D-Link ============ Device Description: ============ DIR-300: http://www.dlink.com/de/de/home-solutions/connect/routers/dir-300-wirele... DIR-615:...
D-Link DIR-615 / DIR-300 XSS / CSRF / Command Injection / Insecure Crypto
Device Name: DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A Vendor: D-Link ============ Device Description: ============ DIR-300: http://www.dlink.com/de/de/home-solutions/connect/routers/dir-300-wirele... DIR-615:...