217 matches found
CVE-2025-36253
IBM Concert 1.0.0 through 2.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
PT-2026-5700
Name of the Vulnerable Software and Affected Versions IBM Concert versions 1.0.0 through 2.1.0 Description IBM Concert utilizes cryptographic algorithms that are not sufficiently robust, potentially enabling an attacker to decrypt sensitive information. Recommendations Update to a version later...
Explorance Blue security vulnerabilities
Explorance Blue is a learning experience management software developed by the Canadian company Explorance. Versions of Explorance Blue prior to 8.14.12 contained security vulnerabilities. These vulnerabilities stemmed from the use of reversible symmetric encryption with hardcoded static keys to...
CVE-2025-25051
CVE-2025-25051 pertains to AutomationDirect CLICK PLC, where the vulnerability arises from plaintext storage of a password in the project file. An attacker with access to the project file could decrypt credentials, impersonate legitimate users or devices, and potentially access network resources ...
CVE-2026-22698 RustCrypto SM2-PKE has 32-bit Biased Nonce Vulnerability
RustCrypto: Elliptic Curves is general purpose Elliptic Curve Cryptography ECC support, including types and traits for representing various elliptic curve forms, scalars, points, and public/secret keys composed thereof. In versions 0.14.0-pre.0 and 0.14.0-rc.0, a critical vulnerability exists in...
CVE-2020-7515
A CWE-321: Use of hard-coded cryptographic key stored in cleartext vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker to decrypt a password...
Use of a Broken or Risky Cryptographic Algorithm
Overview Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm due to missing cryptographic key commitment when storing encrypted data keys in an instruction file. An attacker with write access to the S3 bucket can manipulate encrypted data keys to...
CVE-2025-14763
CVE-2025-14763 concerns the Amazon S3 Encryption Client for Java lacking key commitment when the encrypted data key (EDK) is stored in an Instruction File. This could let a user with write access to an S3 bucket introduce a rogue EDK and decrypt to different plaintext. The vulnerability is tied t...
CVE-2025-53960
When issuing JSON Web Tokens JWT, Apache StreamPark directly uses the user's password as the HMAC signing key e.g., with the HS256 algorithm. An attacker can exploit this vulnerability to perform offline brute-force attacks on the user's password using a captured JWT, or to arbitrarily forge...
CVE-2025-53960 Apache StreamPark: Uses the user’s password as the secret key
When issuing JSON Web Tokens JWT, Apache StreamPark directly uses the user's password as the HMAC signing key e.g., with the HS256 algorithm. An attacker can exploit this vulnerability to perform offline brute-force attacks on the user's password using a captured JWT, or to arbitrarily forge...
CVE-2025-40818
The CVE identifies a vulnerability in SINEMA Remote Connect Server (all versions
OPENSUSE-SU-2025:20116-1 Security update for rnp
This update for rnp fixes the following issues: - update to 0.18.1: CVE-2025-13470: PKESK public-key encrypted session keys were generated as all-zero, allowing trivial decryption of messages encrypted with public keys only boo1253957, CVE-2025-13402...
IBM Concert Encryption Issues Vulnerabilities
IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from a cryptographic issue vulnerability that stems from the use of weak encryption algorithms, which can ...
CVE-2025-62710
Sakai is a Collaboration and Learning Environment. Prior to versions 23.5 and 25.0, EncryptionUtilityServiceImpl initialized an AES256TextEncryptor password serverSecretKey using RandomStringUtils with the default java.util.Random. java.util.Random is a non‑cryptographic PRNG and can be predicted...
EUVD-2021-25495
Malware in sbrugna...
EUVD-2018-17531
Malware in sbrugna...
EUVD-1999-0475
Malware in sbrugna...
EUVD-2020-0002
Malware in sbrugna...
EUVD-2018-7619
Malware in sbrugna...
EUVD-2020-26121
Malware in sbrugna...