CVE-2021-36689

An issue discovered in com.samourai.wallet.PinEntryActivity.java in Streetside Samourai Wallet 0.99.96i allows attackers to view sensitive information and decrypt data via a brute force attack that uses a recovered samourai.dat file. The PIN is 5 to 8 digits, which may be insufficient in this...

DEBIAN-CVE-2023-0361

A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to...

CVE-2023-21443

Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands...

CVE-2022-2660

Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a hard-coded cryptographic key which could allow an attacker to decrypt sensitive data and compromise the machine...

PT-2022-27990 · Sick · Sick Rfu62X

Name of the Vulnerable Software and Affected Versions: SICK RFU62x firmware versions prior to 2.21 Description: The issue is related to the use of a broken or risky cryptographic algorithm, allowing a low-privileged remote attacker to decrypt encrypted data if weak cipher suites are used for...

CVE-2022-34361

IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 230522...

PT-2022-22130 · Ibm · Ibm Cics Tx

Name of the Vulnerable Software and Affected Versions: IBM CICS TX version 11.1 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. Recommendations: For IBM CICS TX version 11.1, upda...

IBM UrbanCode Deploy 加密问题漏洞

IBM UrbanCode Deploy UCD is a suite of application automation deployment tools from IBM. The tool is based on an application deployment automation management information model, and through remote agent technology to automate the deployment of complex applications in different environments, etc. I...

IBM Spectrum Copy Data Management加密问题漏洞

IBM Spectrum Copy Data Management, an IBM company that modernizes, streamlines and automates data center copy management processes, has a security vulnerability that stems from the use of a weaker-than-expected encryption algorithm, which could be exploited by an attacker to The vulnerability ste...

IBM Security SOAR 加密问题漏洞

IBM Security SOAR, formerly Resilient, is an IBM product designed to help your security team confidently address cyber threats, automate through intelligence and collaborate through consistency.IBM Security SOAR is vulnerable to an information disclosure vulnerability that stems from the...

IBM QRadar SIEM 加密问题漏洞

IBM QRadar SIEM is a solution from IBM America that leverages security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, etc. IBM QRadar SIE...

CVE-2021-20369

IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195361...

CVE-2021-29794

IBM Tivoli Netcool/Impact 7.1.0.20 and 7.1.0.21 uses an insecure SSH server configuration which enables weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 203556...

CVE-2021-24005

Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in FortiAuthenticator versions before 6.3.0 may allow an attacker with access to the files or the CLI configuration to decrypt the sensitive data, via knowledge of the hard-coded key...

CVE-2020-9206

The eUDC660 product has a resource management vulnerability. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper resource management of the device, as a result, the key file can be obtained and data can be...

BaphoDashBoard - Dashboard For Manage And Generate The Baphomet Ransomware

With this proyect we will be able to handle the data of the victims we obtain with Baphomet Ransomware. BaphoDashBoard is developed in C under framework dotnet-core 3.1. Both Baphomet Ransomware and BaphoDashBoard proyects are thrown out for educational purposes and so we can get something out of...

Huawei eUDC660 资源管理错误漏洞

The Huawei eUDC660 is a device from Huawei, China, that provides scheduling capabilities. The device supports broadband trunk scheduling to improve the efficiency of voice, data, and video communications in transportation, energy, and other areas. A security vulnerability exists in Huawei eUDC660...

IBM Security Guardium Insights Weak Cryptographic Algorithm Vulnerability (CNVD-2021-03713)

IBM Security Guardium Insights is a modern hybrid cloud data security hub designed to provide a reliable view of an organization's data security and compliance posture. A weak cryptographic algorithm vulnerability exists in IBM Security Guardium Insights 2.0.2. An attacker could exploit the...

CVE-2017-20001

The AES encryption project 7.x and 8.x for Drupal does not sufficiently prevent attackers from decrypting data, aka SA-CONTRIB-2017-027. NOTE: This project is not covered by Drupal's security advisory policy...

Drupal Encryption Problem Vulnerability

Drupal is an open source content management system developed in the PHP language by the Drupal community. An encryption issue vulnerability exists in Drupal AES encryption project 7.x and 8.x, which stems from a vulnerability that does not adequately prevent an attacker from being able to decrypt...