1474 matches found
Malicious code in ethercheck (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c202b40df14e5a6ba231853aefc190984e981a5f22ef90d3d2e3da641643e8dd During importing, the code attempts to decrypt data embeded in READMEs. The decrypted code is then used to download further remote scripts --- Category:...
MAL-2024-12264 Malicious code in ethercheck (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c202b40df14e5a6ba231853aefc190984e981a5f22ef90d3d2e3da641643e8dd During importing, the code attempts to decrypt data embeded in READMEs. The decrypted code is then used to download further remote scripts --- Category:...
golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey and ctx. That functi...
golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey and ctx. That functi...
IBM Datacap Navigator 安全漏洞
IBM Datacap Navigator is a Web client for Datacap from International Business Machines IBM. IBM Datacap Navigator suffers from a cryptographic issue vulnerability that stems from the use of a weaker-than-expected encryption algorithm, which could be exploited by an attacker to decrypt highly...
PT-2024-4963 · Ibm · Ibm Datacap Navigator
Name of the Vulnerable Software and Affected Versions: IBM Datacap Navigator versions 9.1.5 through 9.1.9 Description: The issue is related to the use of weaker than expected cryptographic algorithms in IBM Datacap Navigator, which could allow an attacker to decrypt highly sensitive information...
CVE-2024-39888
CVE-2024-39888 affects Mendix Encryption versions 10.0.0 to 10.0.1, where a hard-coded default EncryptionKey enables decryption of encrypted project data if no per-project key is specified. Root cause: a security-relevant constant defined by default in the module. Consequences stated across sourc...
CVE-2024-39888
A vulnerability has been identified in Mendix Encryption All versions = V10.0.0 V10.0.2. Affected versions of the module define a specific hard-coded default value for the EncryptionKey constant, which is used in projects where no individual EncryptionKey was specified. This could allow to an...
CVE-2024-39888
A vulnerability has been identified in Mendix Encryption All versions = V10.0.0 V10.0.2. Affected versions of the module define a specific hard-coded default value for the EncryptionKey constant, which is used in projects where no individual EncryptionKey was specified. This could allow to an...
Siemens RUGGEDCOM 信息泄露漏洞
Siemens RuggedCom ROS is an operating system from Siemens, Germany, used in the RuggedCom series of switches. An information disclosure vulnerability exists in Siemens RUGGEDCOM ROS, which can be exploited by an attacker to retrieve a MACSEC key and access decrypt Ethernet frames sent by an...
Siemens Mendix 安全漏洞
The Mendix Encryption module takes care of the following encryption requirements: plain text encryption e.g. passwords and FileDocument encryption e.g. documents or photos. A hard-coded default encryption key vulnerability exists in the Siemens Mendix Encryption module, which can be exploited by ...
golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey and ctx. That functi...
golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey and ctx. That functi...
CVE-2023-38371
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 261198...
IBM Security Access Manager 加密问题漏洞
IBM Security Access Manager is a product for information security management applications from International Business Machines IBM. The product enables access management control through integrated appliances for web, mobile and cloud computing. IBM Security Access Manager suffers from an encrypti...
The vulnerability of the Brocade SANnav network management software, which stems from the use of strictly encrypted credentials, allows a hacker to perform a Man-in-the-Middle attack and decrypt SSH traffic.
The vulnerability of the Brocade SANnav network management software is related to the use of strictly encrypted authentication credentials. Exploiting this vulnerability allows a remote attacker to perform a Man-in-the-Middle MITM attack and decrypt SSH traffic...
Malicious code in jsbip39-decrypt (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in bip39-mnemonic-decrypt (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-4818 Malicious code in bip39-mnemonic-decrypt (PyPI)
--- -= Per source details. Do not edit below this line.=-...
jose-go: improper handling of highly compressed data
A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti...