CVE-2024-53832

A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V05.30. The affected devices contain a secure element which is connected via an unencrypted SPI bus. This could allow an attacker with physical access to the SPI bus to observe the password used for the...

Siemens CPCI85 Central Processing 安全漏洞

The SICAM A8000 RTU Remote Terminal Unit is a modular device for remote control and automation applications in all areas of energy supply. A firmware decryption vulnerability exists in the Siemens SICAM A8000 CP-8031 and CP-8050 due to the fact that the affected devices contain a secure element...

IBM Cognos Controller Encryption Problem Vulnerability (CNVD-2024-47515)

IBM Cognos Controller is a suite of business intelligence and planning solutions from International Business Machines IBM. The product features process automation, financial audit control, and the creation and management of financial reports. An encryption issue vulnerability exists in IBM Cognos...

GHSA-4GRW-M28R-Q285 rPGP Potential Resource Exhaustion when handling Untrusted Messages

During a security audit, Radically Open Security discovered two vulnerabilities which allow attackers to trigger resource exhaustion vulnerabilities in rpgp by providing crafted messages. This affects general message parsing and decryption with symmetric keys. Impact Affected rpgp versions do not...

rPGP Potential Resource Exhaustion when handling Untrusted Messages

During a security audit, Radically Open Security discovered two vulnerabilities which allow attackers to trigger resource exhaustion vulnerabilities in rpgp by providing crafted messages. This affects general message parsing and decryption with symmetric keys. Impact Affected rpgp versions do not...

DEBIAN-CVE-2024-53857

rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows attackers to trigger resource exhaustion vulnerabilities in rpgp by providing crafted messages. This affects general message parsing and decryption with symmetric keys...

CVE-2024-53857 rPGP Potential Resource Exhaustion when handling Untrusted Messages

rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows attackers to trigger resource exhaustion vulnerabilities in rpgp by providing crafted messages. This affects general message parsing and decryption with symmetric keys...

CVE-2024-53857 rPGP Potential Resource Exhaustion when handling Untrusted Messages

rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows attackers to trigger resource exhaustion vulnerabilities in rpgp by providing crafted messages. This affects general message parsing and decryption with symmetric keys...

CVE-2024-53857

CVE-2024-53857 concerns the rPGP OpenPGP implementation in Rust. Prior to version 0.14.1, rPGP allows resource-exhaustion (memory/time) when processing crafted messages during general parsing and symmetric-key decryption. The issue can trigger out-of-memory or long computations, potentially affec...

Panics on Malformed Untrusted Input

During a security audit, Radically Open Security discovered several reachable edge cases which allow an attacker to trigger rpgp crashes by providing crafted data. Impact When processing malformed input, rpgp can run into Rust panics which halt the program. This can happen in the following...

Our secret ingredient for reverse engineering

Nowadays, a lot of cybersecurity professionals use IDA Pro as their primary tool for reverse engineering. While IDA is a complex tool that implements a multitude of features useful for dissecting binaries, many reverse engineers use various plugins to add further functionality to this software. W...

PT-2024-35953 · Rpgp · Rpgp

Name of the Vulnerable Software and Affected Versions: rPGP versions prior to 0.14.1 Description: The issue allows an attacker to trigger crashes in rPGP by providing crafted data. This can occur in various scenarios, including parsing OpenPGP messages, decrypting messages via decrypt with...

PT-2024-35954 · Rpgp · Rpgp

Name of the Vulnerable Software and Affected Versions: rPGP versions prior to 0.14.1 Description: The issue allows attackers to trigger resource exhaustion vulnerabilities in rPGP by providing crafted messages, affecting general message parsing and decryption with symmetric keys. This can cause...

CVE-2024-53614

A hardcoded decryption key in Thinkware Cloud APK v4.3.46 allows attackers to access sensitive data and execute arbitrary commands with elevated privileges...

PT-2024-35791 · Thinkware · Thinkware Cloud Apk

Name of the Vulnerable Software and Affected Versions: Thinkware Cloud APK version 4.3.46 Description: A hardcoded decryption key in the Thinkware Cloud APK allows attackers to access sensitive data and execute arbitrary commands with elevated privileges. Recommendations: For Thinkware Cloud APK...

Thinkware Cloud APK 安全漏洞

Thinkware Cloud APK is a free Android app from Thinkware that allows easy access to Thinkware Car Recorder. A security vulnerability exists in Thinkware Cloud APK version v4.3.46 that stems from a hard-coded decryption key in the application, which allows an attacker to access sensitive data and...

CVE-2024-53614

A hardcoded decryption key in Thinkware Cloud APK v4.3.46 allows attackers to access sensitive data and execute arbitrary commands with elevated privileges...

CVE-2024-53614

Thinkware Cloud APK 4.3.46 is affected by CVE-2024-53614 due to a hardcoded decryption key embedded in the app. This weakness can allow an attacker to access sensitive data and execute arbitrary commands with elevated privileges. Publicly available details (NVD, Red Hat, CNNVD, PT Security, and o...

CVE-2024-53614

A hardcoded decryption key in Thinkware Cloud APK v4.3.46 allows attackers to access sensitive data and execute arbitrary commands with elevated privileges...

CVE-2024-41775

IBM Cognos Controller 11.0.0 and 11.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...