CVE-2021-32728

The CVE describes a vulnerability in Nextcloud Desktop Client prior to 3.3.0 where the client does not verify that a private key matches the previously downloaded public certificate when obtaining keys via the API. If a server serves a malicious public key, user data could be encrypted for that k...

CVE-2021-32728

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.3.0, the Nextcloud Desktop client fails to check if a privat...

The vulnerability of the FortiMail email security system, which stems from insufficient data encryption, allows attackers to enhance their privileges.

The vulnerability of the FortiMail email security system is related to insufficiently secure data encryption. Exploiting this vulnerability can allow a malicious actor, operating remotely, to enhance their privileges...

Security Bulletin: Vulnerabilities in IBM Guardium Data Encryption (GDE) (CVE-2020-7676)

Summary Vulnerabilities identified in IBM Guardium Data Encryption GDE. These vulnerabilities have been fixed, please apply the latest version to obtain the fix. Vulnerability Details CVEID: CVE-2020-7676 DESCRIPTION: angular.js is vulnerable to cross-site scripting, caused by improper validation...

IBM Guardium Data Encryption Information Disclosure Vulnerability

IBM Guardium Data Encryption GDE is a software application from IBM, USA. Provides a data security and compliance solution. A security vulnerability exists in IBM Guardium Data Encryption that stems from the application's failure to properly limit the number of interactions, which could be...

Code injection

Nextcloud Android Client is the Android client for Nextcloud. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.16.1, the Nextcloud Android client skipped a step that involved the client checking if a private...

CVE-2021-20414

IBM Guardium Data Encryption GDE 3.0.0.2 could allow a user to bruce force sensitive information due to not properly limiting the number of interactions. IBM X-Force ID: 196216...

CVE-2021-20414

IBM Guardium Data Encryption GDE 3.0.0.2 could allow a user to bruce force sensitive information due to not properly limiting the number of interactions. IBM X-Force ID: 196216...

Design/Logic Flaw

IBM Guardium Data Encryption GDE 3.0.0.2 could allow a user to bruce force sensitive information due to not properly limiting the number of interactions. IBM X-Force ID: 196216...

CVE-2021-20414

IBM Guardium Data Encryption GDE 3.0.0.2 could allow a user to bruce force sensitive information due to not properly limiting the number of interactions. IBM X-Force ID: 196216...

CVE-2021-20414

CVE-2021-20414 affects IBM Guardium Data Encryption (GDE) 3.0.0.2. The vulnerability allows a user to brute-force sensitive information due to not properly limiting the number of interactions. IBM’s security bulletin fixes this by upgrading to GDE 5.0.0.x (fixes are listed in the bulletin). No ex...

Nextcloud 信任管理问题漏洞

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. The Nextcloud Android Client prior to version 3.16.1 is vulnerable to a trust management issue that stems from the Nextcloud Android Client skipping a step th...

IBM Guardium Data Encryption 安全漏洞

IBM Guardium Data Encryption GDE is a software application from IBM, USA. Provides a data security and compliance solution. A security vulnerability exists in IBM Guardium Data Encryption that stems from the application's failure to properly limit the number of interactions, which could be...

IBM Security Guardium Data Encryption code issue vulnerability

A security vulnerability in IBM Security Guardium Data Encryption, a U.S.-based IBM software for securing sensitive data within organizations, stems from the fact that data encryption does not invalidate sessions after logging out and can be exploited by attackers to The vulnerability allows an...

IBM Security Guardium Data Encryption Information Disclosure Vulnerability (CNVD-2022-05125)

IBM Security Guardium Data Encryption is a software for securing sensitive data within organizations from IBM, U.S.A. A security vulnerability exists in IBM Security Guardium Data Encryption, which stems from the use of weaker than expected encryption algorithms for data encryption, which could b...

IBM Security Guardium Data Encryption Information Disclosure Vulnerability (CNVD-2022-05124)

A security vulnerability exists in IBM Security Guardium Data Encryption, an IBM software for securing sensitive data in organizations, which can be exploited by remote attackers to return detailed technical error messages in the browser when to obtain sensitive information...

IBM Guardium Data Encryption Information Leakage Vulnerability

IBM Security Guardium Data Encryption is an American IBM software for securing sensitive data within an organization. The software protects assets located in cloud, virtual, big data and physical environments by controlling access to databases, files, applications and containers. An information...

CVE-2021-20474

IBM Guardium Data Encryption GDE 3.0.0.2 and 4.0.0.4 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources...

CVE-2021-20379

IBM Guardium Data Encryption GDE 3.0.0.3 and 4.0.0.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195711...

CVE-2021-20378

IBM Guardium Data Encryption GDE 3.0.0.2 and 4.0.0.4 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 195709...