63 matches found
📄 MagnusBilling 6 Server-Side Request Forgery / Path Traversal
Proof of concept exploit for MagnusBilling 6 vulnerabilities including server-side request forgery, path traversal, and cryptographic weaknesses. ============================================================================================================================================= | Title :...
Exploit for Out-of-bounds Read in Openssl
--- Cybersecurity Labs Portfolio This repository contain...
EUVD-2020-28636
Malware in sbrugna...
EUVD-2023-46405
Malicious code in bioql PyPI...
EUVD-2022-37265
Malicious code in bioql PyPI...
CVE-2025-34192
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.893 and Application versions prior to 20.0.2140 macOS/Linux client deployments are built against OpenSSL 1.0.2h-fips released May 2016, which has been end-of-life since 2019 and is no longer supported by the OpenSSL...
CVE-2025-34192
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.893 and Application versions prior to 20.0.2140 macOS/Linux client deployments are built against OpenSSL 1.0.2h-fips released May 2016, which has been end-of-life since 2019 and is no longer supported by the OpenSSL...
PT-2025-29824
Name of the Vulnerable Software and Affected Versions Plack-Middleware-Session versions prior to 0.35 Description The default session ID generator in Plack-Middleware-Session for Perl uses a SHA-1 hash seeded with the built-in rand function, the epoch time, and the process ID PID. The PID...
CVE-2023-41928
The device is observed to accept deprecated TLS protocols, increasing the risk of cryptographic weaknesses...
CVE-2023-41927
The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be phased out, increasing the risk of cryptographic weaknesses...
CVE-2020-27020
Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information for example, time of password generation...
CVE-2019-8113
Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1 uses cryptographically weak random number generator to brute-force the confirmation code for customer registration...
IBM Concert 加密问题漏洞
IBM Concert Software is a new tool from International Business Machines IBM Inc. that uses generative AI to help manage complex cloud-native applications. IBM Concert Software suffers from a cryptographic issue vulnerability that stems from the use of weak encryption algorithms, which could be...
CVE-2025-26486
Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient Computational Effort, Use of Weak Hash, Use of a One-Way Hash with a Predictable Salt vulnerabilities in Beta80 "Life 1st Identity Manager" enable an attacker with access to password hashes to bruteforce user password...
Use of insecure cryptographic algorithms
This crate uses a number of cryptographic algorithms that are no longer considered secure and it uses them in ways that do not guarantee the integrity of the encrypted data. MagicCrypt64 uses the insecure DES block cipher in CBC mode without authentication. This allows for practical brute force a...
CVE-2023-41928
The device is observed to accept deprecated TLS protocols, increasing the risk of cryptographic weaknesses...
CVE-2023-41927
The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be phased out, increasing the risk of cryptographic weaknesses...
CVE-2023-41928 Remote server offers deprecated TLS protocol in Kiloview P1/P2 devices
The device is observed to accept deprecated TLS protocols, increasing the risk of cryptographic weaknesses...
CVE-2023-41928 Remote server offers deprecated TLS protocol in Kiloview P1/P2 devices
The device is observed to accept deprecated TLS protocols, increasing the risk of cryptographic weaknesses...
CVE-2023-41927 Weak TLS Cipher Suites Supported in Kiloview P1/P2 devices
The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be phased out, increasing the risk of cryptographic weaknesses...