CVE-2022-27581

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version v2.25 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the...

PT-2022-27991 · Sick · Sick Rfu63X

Name of the Vulnerable Software and Affected Versions: SICK RFU63x firmware versions prior to 2.21 Description: The issue is related to the use of a broken or risky cryptographic algorithm, allowing a low-privileged remote attacker to decrypt encrypted data if weak cipher suites are used for...

PT-2022-18503 · Sick · Sick Rfu61X

Name of the Vulnerable Software and Affected Versions: SICK RFU61x firmware versions prior to v2.25 Description: The issue is related to the use of a broken or risky cryptographic algorithm, allowing a low-privileged remote attacker to decrypt encrypted data if weak cipher suites are used for...

SICK RFU63x 加密问题漏洞

The SICK RFU61x is the smallest read/write device in the SICK UHF portfolio from SICK. It is ideally suited for IoT applications directly on workpieces or components. A security vulnerability exists in the SICK RFU63x prior to version 2.21, which stems from if a user requests encryption with a we...

PT-2022-6664 · Tp Link · Tp-Link Tapo C200

Name of the Vulnerable Software and Affected Versions: TP-Link Tapo C200 camera version 1.1.22 Build 220725 Description: The issue is related to the implementation of the AES encryption algorithm in the TP-Link Tapo C200 camera, which involves the reuse of the AES Key-IV pair across all cameras...

CVE-2022-34320

IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229464...

CVE-2022-34319

IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229463...

PT-2022-4412 · Delta Industrial Automation · Dialink

Name of the Vulnerable Software and Affected Versions: Delta Industrial Automation DIALink versions 1.4.0.0 and prior Description: The issue is related to the use of a hard-coded cryptographic key, which could allow an attacker to decrypt sensitive data and compromise the machine. This could...

Delta Electronics Industrial Automation DIALink 信任管理问题漏洞

Delta Electronics Industrial Automation DIALink is an industrial automation IoT device from Delta Electronics Taiwan, China. The Delta Electronics Industrial Automation DIALink suffers from a security vulnerability that stems from the susceptibility of the affected product to the use of hard-code...

CVE-2022-34906

A hard-coded cryptographic key is used in FileWave before 14.6.3 and 14.7.x before 14.7.2. Exploitation could allow an unauthenticated actor to decrypt sensitive information saved in FileWave, and even send crafted requests...

PT-2022-3852 · Filewave · Filewave

Name of the Vulnerable Software and Affected Versions: FileWave versions prior to 14.6.3 FileWave versions 14.7.x prior to 14.7.2 Description: A hard-coded cryptographic key is used in the software. Exploitation could allow an unauthenticated actor to decrypt sensitive information saved in FileWa...

CVE-2022-22453

IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 224919...

CVE-2022-22453

IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 224919...

CVE-2022-22464

IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225081...

CVE-2022-22464

IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225081...

CVE-2022-28385

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity checks, an attacker can manipulate the content of the emulated CD-ROM drive containing the Windows and macOS client software. The content of this emulated CD-ROM drive is stored as an ISO-9660 image in...

CVE-2022-20117

In TBD of TBD, there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2022-20117

Mode C: CVE-2022-20117 affects Pixel devices with Titan M (per Pixel Update Bulletin). The Titan M ID vulnerability indicates an information-disclosure issue where local data encrypted by the GSC can be decrypted due to improper crypto usage. Impact is local information disclosure without extra e...

CVE-2021-20479

IBM Cloud Pak System 2.3.0 through 2.3.3.3 Interim Fix 1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 197498...

CVE-2021-27761

Weak web transport security Weak TLS: An attacker may be able to decrypt the data using attacks...