SUSE CVE-2026-46010

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix error handling in rxgkextracttoken Fix a missing bit of error handling in rxgkextracttoken: in the event that rxgkdecryptskb returns -ENOMEM, it should just return that rather than continuing on for anything else, it...

IBM多款产品 加密问题漏洞

IBM Verify Identity Access Container is an identity and access management solution for providing secure single sign-on and access control. A weak cryptographic algorithm vulnerability exists in IBM Verify Identity Access Container. The vulnerability stems from the product's use of a...

CVE-2025-13916 Multiple vulnerabilities have been addressed in IBM Aspera Shares

IBM Aspera Shares 1.9.9 through 1.11.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2025-64647

IBM Concert 1.0.0 through 2.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

IBM Concert 安全漏洞

IBM Concert is IBM's collaborative application lifecycle management platform. IBM Concert has a security vulnerability that stems from the use of a weaker-than-expected encryption algorithm. An attacker could exploit the vulnerability to decrypt highly sensitive information...

CVE-2025-36379

IBM Security QRadar EDR and IBM Security ReaQta are affected by CVE-2025-36379, where weaker-than-expected cryptographic algorithms could allow decryption of sensitive information. Affected versions: QRadar EDR 3.12 through 3.12.23 (and ReaQta 3.12 through 3.12.23). Root cause: use of insufficien...

CVE-2025-13399 Insecure Encryption in Communication with the Web Interface on TP-Link VX800v

A weakness in the web interface’s application layer encryption in VX800v v1.0 allows an adjacent attacker to brute force the weak AES key and decrypt intercepted traffic. Successful exploitation requires network proximity but no authentication, and may result in high impact to confidentiality,...

PT-2026-4282

Name of the Vulnerable Software and Affected Versions affected versions not specified Description An attacker could decrypt sensitive data, impersonate legitimate users or devices, and potentially gain access to network resources for lateral attacks. Recommendations At the moment, there is no...

CVE-2025-52601

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered a vulnerability in Device Manager that a hardcoded encryption key for sensitive information. An attacker can use key to decrypt sensitive information. T...

CVE-2025-52601 Hardcoding sensitive information

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered a vulnerability in Device Manager that a hardcoded encryption key for sensitive information. An attacker can use key to decrypt sensitive information. T...

CVE-2025-36150

IBM Concert 1.0.0 through 2.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

PT-2025-47961

Name of the Vulnerable Software and Affected Versions IBM Concert versions 1.0.0 through 2.0.0 Description IBM Concert versions 1.0.0 through 2.0.0 utilize cryptographic algorithms that are not sufficiently robust, potentially enabling an attacker to decrypt sensitive data. Recommendations Update...

Lexmark Printers Disclosure of Information (CVE-2019-1559)

A vulnerability in the TLS protocol in Lexmark devices has been identified that can be exploited by a “Man In The Middle” attacker to decrypt data in the TLS stream. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503882; scriptversion"1.3";...

EUVD-2025-35218

The Reolink desktop application uses a hard-coded and predictable AES encryption key to encrypt user configuration files allowing attackers with local access to decrypt sensitive application data stored in %APPDATA%. A different vulnerability than CVE-2025-56802...

CVE-2025-56802

The connected Red Hat and NVD entries confirm CVE-2025-56802 affects the Reolink desktop application and centers on a hard-coded and predictable AES encryption key used to encrypt user configuration files. This allows attackers with local access to decrypt sensitive data stored in %APPDATA%. The ...

CVE-2025-34209

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.862 and Application prior to 20.0.2014 VA and SaaS deployments contain Docker images with the private GPG key and passphrase for the account no‑reply+virtual‑[email protected]. The key is stored in cleartext and the...

Unitree多款产品 安全漏洞

Unitree Go2 is a robot dog, Unitree G1 is a humanoid robot, Unitree H1 is a humanoid robot, Unitree Go2 is a robot dog, Unitree G1 is a humanoid robot, Unitree H1 is a humanoid robot, Unitree H1 is a humanoid robot. A security vulnerability exists in several Unitree products that stems from the u...

Linux Distros Unpatched Vulnerability : CVE-2017-3225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's u...

IBM Concert Software Trust Management Issues Vulnerabilities

IBM Concert Software is IBM's generative AI-driven automated application management and monitoring tool based on the WatsonX platform, focused on optimizing the operational efficiency and reliability of applications. IBM Concert Software has a trust management issue vulnerability that stems from...

CVE-2025-55279

This vulnerability exists in ZKTeco WL20 due to hard-coded private key stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to retrieve private key stored in the firmware of the...