CVE-2025-31977

HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms. An attacker with network access could exploit this weakness to decrypt or manipulate encrypted communications under certain conditions...

CVE-2025-31977

HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms. An attacker with network access could exploit this weakness to decrypt or manipulate encrypted communications under certain conditions...

PT-2025-35108

Name of the Vulnerable Software and Affected Versions: HCL BigFix SM affected versions not specified Description: HCL BigFix SM is affected by a cryptographic weakness due to weak or outdated encryption algorithms. An attacker with network access could exploit this weakness to decrypt or manipula...

CVE-2013-2228

SaltStack RSA Key Generation allows remote users to decrypt communications...

CVE-2024-0323

The FTP server used on the B&R Automation Runtime supports unsecure encryption mechanisms, such as SSLv3, TLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conduct man-in-the-middle attacks or to decrypt communications between the affected product clients...

CVE-2024-0323 FTP uses unsecure encryption mechanisms

The FTP server used on the B&R Automation Runtime supports unsecure encryption mechanisms, such as SSLv3, TLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conduct man-in-the-middle attacks or to decrypt communications between the affected product clients...

Citrix Licensing server vulnerability TLSv1.0/1.1 on CitrixWebServicesforLicensing

When running Qualis security report, it reports the following error : The CitrixWebServicesforLicensing TLSv1.0/1.1 vulnerbility on our Citrix Licensing server. An attacker can exploit cryptographic flaws to conduct man-in-the-middle type attacks or to decryption communications...

GHSA-GQ26-CPQ6-W85R SaltStack RSA Key Generation allows remote users to decrypt communications

SaltStack RSA Key Generation allows remote users to decrypt communications...

CVE-2020-1688

On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the shell may obtain the Web API service private key that is used to provide encrypted communication between the Juniper device and the authenticator services. Exploitation of this vulnerability may allow an...

Code injection

SaltStack RSA Key Generation allows remote users to decrypt communications...

CVE-2013-2228

SaltStack RSA Key Generation allows remote users to decrypt communications...

apache-cxf: XML encryption backwards compatibility attacks

Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic...

Design/Logic Flaw

Secure Elements Class 5 AVR aka C5 EVM before 2.8.1 uses the same invariant RSA key for all installations, which allows remote attackers with the key to decrypt communications...

CVE-2006-2710

Secure Elements Class 5 AVR aka C5 EVM before 2.8.1 uses the same invariant RSA key for all installations, which allows remote attackers with the key to decrypt communications...

CVE-2006-0231

Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses the same private DSA key for each installation, which allows remote attackers to conduct man-in-the-middle attacks and decrypt communications...