CVE-2020-26197

Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. It may make it easier to eavesdrop and decrypt such traffic for a malicious actor. Note: This does not affect clusters which are not relying on an LDAP server for the authentication...

CVE-2020-26197

Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. It may make it easier to eavesdrop and decrypt such traffic for a malicious actor. Note: This does not affect clusters which are not relying on an LDAP server for the authentication...

GO-2020-0011

When decrypting JsonWebEncryption objects with multiple recipients or JsonWebSignature objects with multiple signatures the Decrypt and Verify methods do not indicate which recipient or signature was valid. This may lead a caller to rely on protected headers from an invalid recipient or signature...

CVE-2021-0436

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds read due to integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1...

CVE-2021-0436

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds read due to integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1...

CVE-2021-0436

CVE-2021-0436: In CryptoPlugin::decrypt (CryptoPlugin.cpp) on Android, there is a possible out-of-bounds read caused by integer overflow, potentially leading to local information disclosure without extra privileges. Affected: Android devices (Android-8.1, 9, 10, 11). Impact is information disclos...

CVE-2020-4965

IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192422...

Remote Code Execution (RCE)

@thi.ng/egf is vulnerable to remote code execution. The vulnerability exists due to EGF parse function attempting to decrypt values...

CVE-2021-21412

Potential for arbitrary code execution in npm package @thi.ng/egf gpg-tagged property values only if decrypt: true option is enabled. PR with patch has been submitted and will has been released as of v0.4.0 By default the EGF parse functions do NOT attempt to decrypt values since GPG only availab...

CVE-2021-21412 [thi.ng/egf] Potential arbitrary code execution of `#gpg`-tagged property values

Potential for arbitrary code execution in npm package @thi.ng/egf gpg-tagged property values only if decrypt: true option is enabled. PR with patch has been submitted and will has been released as of v0.4.0 By default the EGF parse functions do NOT attempt to decrypt values since GPG only availab...

CVE-2021-21412

The CVE concerns npm package @thi.ng/egf with a potential for arbitrary code execution via #gpg-tagged property values, exploitable only if decrypt: true is enabled. A patch was submitted and released with v0.4.0. By default, EGF parse functions do not decrypt values (GPG requires non-browser env...

CVE-2020-9206

The eUDC660 product has a resource management vulnerability. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper resource management of the device, as a result, the key file can be obtained and data can be...

IBM Security Verify Bridge 加密问题漏洞

IBM Security Verify Bridge is an IBM application component from International Business Machines IBM, Inc. provides IBM Cloud access to user attributes and authentication that are controlled by the client's local LDAP or Active Directory. A security vulnerability exists in IBM Security Verify Brid...

CVE-2021-27328

Yeastar NeoGate TG400 91.3.0.3 devices are affected by Directory Traversal. An authenticated user can decrypt firmware and can read sensitive information, such as a password or decryption key...

BaphoDashBoard - Dashboard For Manage And Generate The Baphomet Ransomware

With this proyect we will be able to handle the data of the victims we obtain with Baphomet Ransomware. BaphoDashBoard is developed in C under framework dotnet-core 3.1. Both Baphomet Ransomware and BaphoDashBoard proyects are thrown out for educational purposes and so we can get something out of...

Cypher - Crypto Cipher Encode Decode Hash

All in one tools for CRYPTOLOGY. Instagram: Capture the Root Screenshots !https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzEISVu6IIqjydF1vTUDcdbKWD8Vdi1BM5fQfCGuAnFRSCrZIh04d17YDeNKsRw0CRJD8cQmlIloLRldnU-Rounz7YQAvc7MOENa22PJkMajWGZvAelxpm3EoWCFL0BCnfBRMV4Ly99Y/w640-h36...

Huawei eUDC660 资源管理错误漏洞

The Huawei eUDC660 is a device from Huawei, China, that provides scheduling capabilities. The device supports broadband trunk scheduling to improve the efficiency of voice, data, and video communications in transportation, energy, and other areas. A security vulnerability exists in Huawei eUDC660...

JetBrains Code With Me 安全漏洞

JetBrains Code With Me is a plug-in application from the Czech company JetBrains that provides code co-editing for the IntelliJ IDE. JetBrains Code With Me suffers from a cryptographic issue vulnerability that can be exploited by an attacker on the local network to access encrypted traffic knowin...

Microchip Libraries for Applications Encryption Problem Vulnerability

Microchip Libraries for Applications is a microchip library for applications from Microchip. A cryptographic vulnerability exists in Microchip Libraries for Applications, which can be exploited by an attacker to decrypt information returned by the application in question, resulting in a disclosur...

IBM Security Guardium Insights Weak Cryptographic Algorithm Vulnerability (CNVD-2021-03713)

IBM Security Guardium Insights is a modern hybrid cloud data security hub designed to provide a reliable view of an organization's data security and compliance posture. A weak cryptographic algorithm vulnerability exists in IBM Security Guardium Insights 2.0.2. An attacker could exploit the...