CVE-2013-5461
The CVE affects IBM Endpoint Manager for Remote Control (9.0.0/9.0.1) and Tivoli Remote Control (5.1.2). It describes insecure storage of password material: multiple hashes of partial passwords can be leveraged by an attacker with hash access to decrypt passwords. This is a confidentiality and po...
New sample of the Sea Lotus APT group using the CVE-2017-8570 vulnerability, and association analysis - vulnerability warning - the black bar safety net
The Sea Lotus (OceanLotus) APT gang is a highly organized, professional foreign national hacker group, first discovered and disclosed by 360 SkyEye Labs. Since at least 2012 and 4 January, the organization has targeted the Chinese government, research institutes, Maritime institutions, Maritime...
IBM Security Access Manager Appliance Information Disclosure Vulnerability
IBM Security Access Manager Appliance is an application for information security management from IBM, USA. The program enables access management control through an integrated appliance for web, mobile and cloud computing. A security vulnerability exists in IBM Security Access Manager Appliance th...
IBM Tivoli Identity Manager and Security Identity Manager Information Disclosure Vulnerability (CNVD-2018-08708)
IBM Tivoli Identity Manager and Security Identity Manager are both products of IBM Corporation of the U.S.A. IBM Tivoli Identity Manager is a suite of identity management software used to manage user rights across heterogeneous IT resources. Security Identity Manager is an identi...
CVE-2017-1473
IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6 and 9.0.0 through 9.0.3.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 128605...
Design/Logic Flaw
IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 store encrypted user credentials and the keystore password in cleartext in configuration files, which allows local users to...
CVE-2016-10433
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808...
Memory corruption
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808...
CVE-2016-10433
CVE-2016-10433 is an Android/Qualcomm TOCTOU vulnerability during SSD image decryption that can cause memory corruption on affected Snapdragon Mobile/Automotive/Wear platforms (various SDP/SD devices). The issue affects Android images prior to the 2018-04-05 security patch level; Android/patched ...
IBM BigFix Remote Control Encryption Issue Vulnerability (CNVD-2018-08559)
IBM BigFix Remote Control is a set of remote control systems from IBM in the United States. An encryption issue vulnerability exists in IBM BigFix Remote Control. A remote attacker could exploit this vulnerability by performing a man-in-the-middle attack to decrypt traffic...
CVE-2018-5507
On F5 BIG-IP versions 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5, vCMP guests running on VIPRION 2100, 4200 and 4300 series blades cannot correctly decrypt ciphertext from established SSL sessions with small MTU...
Code injection
On F5 BIG-IP versions 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5, vCMP guests running on VIPRION 2100, 4200 and 4300 series blades cannot correctly decrypt ciphertext from established SSL sessions with small MTU...
CVE-2018-5507
CVE-2018-5507 affects F5 BIG-IP vCMP guests on VIPRION 2100/4200/4300 blades and BIG-IP releases: 13.0.0, 13.0.1; 12.1.0–12.1.3 (incl. 12.1.3.2); 11.6.1–11.6.2; 11.5.1–11.5.5. The root cause is incorrect decryption of ciphertext from established SSL sessions when MTU is small. Remediation provide...
Libsodium - A Modern, Portable, Easy To Use Crypto Library
Sodium is a modern, easy-to-use software library for encryption, decryption, signatures, password hashing and more. It is a portable, cross-compilable, installable, packageable fork of NaCl, with a compatible API, and an extended API to improve usability even further. Its goal is to provide all o...
Encryption 101: decryption tool code walkthrough
We have reached the final installment of our Encryption 101 series. In the prior post, we walked through, in detail, the thought process while looking at the Princess Locker ransomware. We talked about the specific ways to narrow down the analysis toward the encryption portions, the weaknesses in...
Moxa MXview Information Disclosure Vulnerability
Moxa MXview is a network management software for monitoring and diagnosing industrial networks. An information disclosure vulnerability exists in Moxa MXview version 2.8 and earlier. The vulnerability arises because the private key of the web server in Moxa MXview can be read and accessed via HTT...
Fake Software Update Abuses NetSupport Remote Access Tool
Over the last few months, FireEye has tracked an in-the-wild campaign that leverages compromised sites to spread fake updates. In some cases, the payload was the NetSupport Manager remote access tool (RAT). NetSupport Manager is a commercially available RAT that can be used legitimately by system...
CVE-2017-3969
Abuse of communication channels vulnerability in the server in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows man-in-the-middle attackers to decrypt messages via an inadequate implementation of SSL...