CVE-2023-37395

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data...

QNAP Notes Station 3 Authentication Missing Vulnerability

QNAP Notes Station 3 is a private cloud notes software that runs on QNAP NAS devices and supports real-time multi-person collaboration, version control, data encryption and snapshot backup. QNAP Notes Station 3 suffers from an authentication missing vulnerability that stems from the inclusion of ...

CVE-2024-41777

IBM Cognos Controller 11.0.0 and 11.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...

PT-2024-29561 · Ibm · Ibm Cognos Controller

Name of the Vulnerable Software and Affected Versions: IBM Cognos Controller versions 11.0.0 through 11.0.1 Description: The issue concerns hard-coded credentials, such as a password or cryptographic key, used by IBM Cognos Controller for inbound authentication, outbound communication to external...

ROS-20240203-05

Apache Tomcat application server vulnerability is related to an unchecked error condition. Exploitation The vulnerability could allow an attacker acting remotely to bypass the authentication process and cause a denial of service Apache Tomcat application server vulnerability is related to...

CVE-2024-49806

IBM Security Verify Access Appliance 10.0.0 through 10.0.8 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...

CVE-2024-49805

IBM Security Verify Access Appliance 10.0.0 through 10.0.8 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...

PT-2024-33691 · Ibm · Ibm Security Verify Access Appliance

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance versions 10.0.0 through 10.0.8 Description: The issue concerns hard-coded credentials, such as a password or cryptographic key, used by the appliance for its own inbound authentication, outbound...

Automating Data Encryption and Security Audits for Continuous Protection

Protecting sensitive data is critical for businesses facing constant cyber threats. Automating encryption, audits, and access control strengthens security and reduces human error...

The vulnerability of the Apache Tomcat application server, related to insufficient data encryption, allows attackers to execute arbitrary code.

The vulnerability of the Apache Tomcat application server is related to insufficiently secure data encryption. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVE-2024-41781 IBM PowerVM Hypervisor information disclosure

IBM PowerVM Platform KeyStore IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00 through FW1030.60, FW1050.00 through FW1050.20, and FW1060.00 through FW1060.10 functionality can be compromised if an attacker gains service access to the HMC. An attacker that gains service access to the H...

QNAP Systems Notes Station 安全漏洞

QNAP Notes Station 3 is a private cloud notes software that runs on QNAP NAS devices and supports real-time multi-person collaboration, version control, data encryption and snapshot backup. QNAP Notes Station 3 suffers from a command injection vulnerability, which stems from the application faili...

QNAP Systems Notes Station 安全漏洞

QNAP Notes Station 3 is a private cloud notes software that runs on QNAP NAS devices and supports real-time multi-person collaboration, version control, data encryption and snapshot backup. QNAP Notes Station 3 suffers from an authentication missing vulnerability that stems from the inclusion of ...

CVE-2024-7295 Hard-coded credentials used for temporary and cache data encryption

In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...

CVE-2024-7295 Hard-coded credentials used for temporary and cache data encryption

In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...

The vulnerability of software for optimizing production processes in Location Intelligence, related to insufficiently secure data encryption, allows a intruder to gain unauthorized access to protected information.

The vulnerability of software for optimizing production processes in Location Intelligence is related to insufficiently secure data encryption. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

The vulnerability in the web interface of the Cisco Identity Services Engine, a platform for managing network policies, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability in the web interface of the Cisco Identity Services Engine management platform for network policies relates to the lack of data encryption measures. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information through a special...

Snowflake JDBC 安全漏洞

Snowflake JDBC is an application from Snowflake, Inc. provides a JDBC type 4 driver that supports the core functionality and allows Java programs to connect to Snowflak. A security vulnerability exists in Snowflake JDBC versions 3.2.6 through 3.19.1, which stems from having incorrect security...

AI girlfriend site breached, user fantasies stolen [updated]

A hacker has stolen a massive database of users’ interactions with their sexual partner chatbots, according to 404 Media. The breached service, Muah.ai, describes itself as a platform that lets people engage in AI-powered companion NSFW chat, exchange photos, and even have voice chats. As you can...

CVE-2023-41611

Victure PC420 1.1.39 was discovered to use a weak and partially hardcoded key to encrypt data...