CVE-2024-22347

IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2024-50564

A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named piped...

CVE-2024-50564

A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named piped...

Exploit for Improper Check for Unusual or Exceptional Conditions in Jenkins

Intro This is an exploit for CVE-2024-43044, an arbitrary fil...

SUSE CVE-2025-0306

A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...

CVE-2024-54848

Improper handling and storage of certificates in CP Plus CP-VNR-3104 B3223P22C02424 allow attackers to decrypt communications or execute a man-in-the-middle attacks...

CVE-2024-54848

Improper handling and storage of certificates in CP Plus CP-VNR-3104 B3223P22C02424 allow attackers to decrypt communications or execute a man-in-the-middle attacks...

CP Plus CP-VNR-3104 安全漏洞

The CP Plus CP-VNR-3104 is a network video recorder from CP Plus. A security vulnerability exists in the CP Plus CP-VNR-3104 version B3223P22C02424 that stems from improper handling and storage of certificates, which allows an attacker to decrypt communications or perform man-in-the-middle attack...

CVE-2024-54848

Improper handling and storage of certificates in CP Plus CP-VNR-3104 B3223P22C02424 allow attackers to decrypt communications or execute a man-in-the-middle attacks...

Covert Timing Channel

Overview openssl is a package that wraps the OpenSSL library. Affected versions of this package are vulnerable to Covert Timing Channel through the decryption process. An attacker can decrypt messages or forge signatures by exchanging a large number of messages with the vulnerable service Marvin...

Covert Timing Channel

Overview Affected versions of this package are vulnerable to Covert Timing Channel through the decryption process. An attacker can decrypt messages or forge signatures by exchanging a large number of messages with the vulnerable service Marvin Attack. Workaround This vulnerability can be mitigate...

CVE-2025-0306

A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...

CVE-2025-0306

A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...

CVE-2025-0306

A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...

CVE-2025-0306 Ruby: openssl: ruby marvin attack

A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...

CVE-2025-0306

A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...

CVE-2024-56690

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Call crypto layer directly when padatadoparallel return -EBUSY Since commit 8f4f68e788c3 "crypto: pcrypt - Fix hungtask for PADATARESET", the pcrypt encryption and decryption operations return -EAGAIN when the CP...

CVE-2025-0306

A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service. Mitigation See the following possible...

CVE-2024-45547

Memory corruption while processing IOCTL call invoked from user-space to verify non extension FIPS encryption and decryption functionality...

OpenVPN Connect 安全漏洞

OpenVPN Connect is a VPN Virtual Private Network client application from OpenVPN USA. A security vulnerability exists in OpenVPN Connect versions prior to 3.5.0, which stems from a plaintext private key in the configuration file being recorded in the application logs, which can be used by...