CVE-2021-39021

IBM Guardium Data Encryption GDE 5.0.0.2 behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which could facilitate username enumeration. IBM X-Force ID: 213856...

Design/Logic Flaw

IBM Guardium Data Encryption GDE 5.0.0.2 behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which could facilitate username enumeration. IBM X-Force ID: 213856...

IBM Guardium Data Encryption 安全漏洞

IBM Guardium Data Encryption GDE is an application from IBM USA, Inc. IBM Guardium Data Encryption GDE 5.0.0.2 contains a security vulnerability that can be exploited by attackers to cause username enumeration...

Security Bulletin: A security vulnerability has been identified in IBM Guardium Data Encryption (GDE) (CVE-2021-39021)

Summary A security vulnerability has been identified in IBM Guardium Data Encryption GDE CVE-2021-39021. Please apply the lested version of GDE , to get the fix. Vulnerability Details CVEID: CVE-2021-39021 DESCRIPTION: IBM Guardium Data Encryption GDE behaves differently or sends different...

FIN8 Hacker group using new ‘White Rabbit’ Ransomware against U.S. Banks

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. White Rabbit is a ransomware family that has only recently been discovered. It could be a subsidiary project of the FIN8 hacking gang. A ransomware expert seeking for a sample of the malware made the first public disclosure...

CVE-2022-23105

CVE-2022-23105 affects Jenkins Active Directory Plugin 2.25 and earlier. The vulnerability stems from the plugin not encrypting data transmitted between the Jenkins controller and Active Directory servers in most configurations, enabling potential information disclosure. Connected advisories refe...

The vulnerability of the DevTools set of tools for web development in the Google Chrome browser allows a hacker to bypass existing security restrictions by using a specially created HTML page.

The vulnerability of the DevTools suite for web development in the Google Chrome browser is related to data encryption errors. Exploiting this vulnerability can allow a malicious actor to bypass existing security restrictions through a specially created HTML page...

CVE-2021-40148

In Modem EMM, there is a possible information disclosure due to a missing data encryption. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00716585; Issue ID: ALPS05886933...

CVE-2021-40148

CVE-2021-40148 affects Modem EMM in Google Android devices. Root cause: missing data encryption in the modem EMM leads to information disclosure without privileges or user interaction. Impact: remote information disclosure. Remediation: patch MOLY00716585 (Issue ALPS05886933) has been released. E...

CVE-2021-40148

In Modem EMM, there is a possible information disclosure due to a missing data encryption. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00716585; Issue ID: ALPS05886933...

ASB-A-204728248

In Modem EMM, there is a possible information disclosure due to a missing data encryption. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Security Bulletin: Vulnerability in Apache Log4j affects IBM Guardium Data Encryption (GDE) (CVE-2021-45105 and CVE-2021-45046)

Summary Vulnerability in Apache Log4j affects IBM Guardium Data Encryption GDE CVE-2021-45105 and CVE-2021-45046. The patch includes Apache Log4j 2.17. Vulnerability Details CVEID: CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial of service, caused by the failure to protect from...

CVE-2021-32993

IntelliBridge EC 40 and 60 Hub C.00.04 and prior contains hard-coded credentials, such as a password or a cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...

Security Bulletin: There are multiple vulnerabilities identified in IBM Guardium Data Encryption (GDE) (CVE-2021-20378, CVE-2021-20416, CVE-2021-20474, CVE-2021-20379)

Summary There are multiple vulnerabilities identified in IBM Guardium Data Encryption GDE. These vulnerabilities have been fixed in GDE 4.0.0.5. Please apply the latest version to obtain the fixes. Vulnerability Details CVEID: CVE-2021-20474 DESCRIPTION: IBM Security Guardium does not perform any...

Security Bulletin: A security vulnerability has been identified in Log4j 2 used in IBM Guardium Data Encryption (GDE) (CVE-2021-44228)

Summary Log4j 2 is a logging package used by IBM Security Guardium Data Encryption GDE. That package has a security vulnerability. Consult the bulletin listed below for details. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrar...

The vulnerability of the IBM QRadar SIEM system for event collection and analysis, related to insufficiently secure data encryption, allows attackers to gain unauthorized access to protected information.

The vulnerability of the IBM QRadar SIEM event collection and analysis system is related to insufficiently secure data encryption. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

CVE-2021-37050

There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2021-37050

CVE-2021-37050 corresponds to a Huawei HarmonyOS encryption issue where a component fails to properly encrypt data, potentially affecting service confidentiality. The connected sources (CNVD/CNNVD/CVELIST/NVD entries) describe a memory of an encryption vulnerability in Huawei HarmonyOS affecting ...

Security Bulletin: Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE) ( CVE-2021-20417, CVE-2021-20415)

Summary There are multiple vulnerabilities identified in IBM Guardium Data Encryption GDE. These vulnerabilities have been fixed in GDE 4.0.0.5. Please apply the latest version to obtain the fixes. Vulnerability Details CVEID: CVE-2021-20417 DESCRIPTION: IBM Guardium Data Encryption GDE could all...

The vulnerability of the PostgreSQL database management system, related to the lack of encryption measures for protected data, allows attackers to execute “man-in-the-middle” attacks.

The vulnerability of the PostgreSQL database management system is related to the lack of encryption measures for protected data. Exploiting this vulnerability allows a malicious actor to execute a “man-in-the-middle” attack...