CVE-2020-4379

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179158...

IBM Spectrum Scale Encryption Issue Vulnerability

IBM Spectrum Scale is a scalable data and file management solution from IBM USA based on IBM GPFS, an enterprise file management system optimized for petabyte-scale storage management. The product supports helping clients reduce storage costs while improving security and management efficiency in...

IBM Spectrum Scale Encryption Problem Vulnerability (CNVD-2020-30835)

IBM Spectrum Scale is a scalable data and file management solution from IBM USA based on IBM GPFS, an enterprise file management system optimized for petabyte-scale storage management. The product supports helping clients reduce storage costs while improving security and management efficiency in...

Information Disclosure Vulnerability in Multiple Huawei Products (CNVD-2020-36726)

Huawei Anne-AL00 and others are products of Huawei, a Chinese company.Huawei Anne-AL00 is a smartphone.Honor 10 Lite is a smartphone.Huawei TC5200-16 is a wireless router.Huawei Anne-AL00 is a smartphone.Huawei Anne-AL00 is a smartphone.Huawei Anne-AL00 is a smartphone.Huawei TC5200-16 is a...

CVE-2020-9069

There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than...

CVE-2020-9069

There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than...

Information disclosure

There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than...

CVE-2020-9069

There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than...

WindowsHello open source library encryption issue vulnerability

WindowsHello is an unlocking open source library for use with the Windows Hello biometric facial recognition library. A vulnerability exists in the WindowsHello open source library NuGet HaemmerElectronics.SeppPenner.WindowsHello prior to version 1.0.4 due to a cryptographic issue. An attacker ca...

CVE-2019-4553

IBM API Connect V5.0.0.0 through 5.0.8.7iFix3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165958...

CVE-2019-12121

An issue was detected in ONAP Portal through Dublin. By executing a padding oracle attack using the ONAPPORTAL/processSingleSignOn UserId field, an attacker is able to decrypt arbitrary information encrypted with the same symmetric key as UserId. All Portal setups are affected...

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apple Ipados

kr00ker ============ Description This script is a simple ex...

IBM API Connect weak encryption vulnerability (CNVD-2020-17503)

IBM API Connect APIConnect is a suite of integrated solutions for managing the API lifecycle from IBM USA. The product supports creating, running, managing, and securing APIs, microservices, and more. A weak encryption vulnerability exists in IBM API Connect versions V5.0.0.0 through 5.0.8.7iFix3...

CVE-2019-10705

Western Digital SanDisk X600 devices in certain configurations, a vulnerability in the access control mechanism of the drive may allow data to be decrypted without knowledge of proper authentication credentials...

CVE-2019-10705

Western Digital SanDisk X600 devices in certain configurations, a vulnerability in the access control mechanism of the drive may allow data to be decrypted without knowledge of proper authentication credentials...

Authentication flaw

Western Digital SanDisk X600 devices in certain configurations, a vulnerability in the access control mechanism of the drive may allow data to be decrypted without knowledge of proper authentication credentials...

CVE-2019-10705

Western Digital SanDisk X600 devices in certain configurations, a vulnerability in the access control mechanism of the drive may allow data to be decrypted without knowledge of proper authentication credentials...

CVE-2019-10705

CVE-2019-10705 affects Western Digital SanDisk X600 SATA SSDs. The vulnerability is in the drive’s access control mechanism, potentially allowing data to be decrypted without authentication. Public materials identify this as part of a set of SED flaws (with CVEs including 2018-12037/12038 and 201...

A Flaw in Billions of Wi-Fi Chips Let Attackers Decrypt Data

Affected devices include iPhones, iPads, Macs, Amazon Echos and Kindles, Android devices, and various Wi-Fi routers...

Billions of Devices Open to Wi-Fi Eavesdropping Attacks

SAN FRANCISCO — A serious vulnerability in Wi-Fi chips has been discovered that affects billions of devices worldwide, according to researchers. It allows attackers to eavesdrop on Wi-Fi communications. The bug CVE-2019-15126 stems from the use of an all-zero encryption key in chips made by...