5932 matches found
CVE-2013-2228
SaltStack RSA Key Generation allows remote users to decrypt communications...
CVE-2013-2228
SaltStack RSA Key Generation allows remote users to decrypt communications...
CVE-2013-2228
Removed by vendor...
Shadowsocks-libev ss-server Stream Cipher Information Disclosure Vulnerability
Summary An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information...
CVE-2014-3591
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during...
DEBIAN-CVE-2014-3591
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during...
CVE-2014-3591
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during...
Code injection
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during...
CVE-2014-3591
CVE-2014-3591 affects Libgcrypt (before 1.6.3) and GnuPG (before 1.4.19), which do not implement ciphertext blinding for ElGamal decryption, enabling physically proximate attackers to potentially extract private keys via crafted ciphertext and EM field fluctuations during multiplication. Related ...
CVE-2014-3591
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during...
CVE-2014-3591
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during...
How to decrypt your data from Hakbit & Jigsaw ransomware for free
By Sudais Here's how you can decrypt data from Hakbit and Jigsaw ransomware for free. This is a post from HackRead.com Read the original post: How to decrypt your data from Hakbit & Jigsaw ransomware for free...
Fortinet FortiOS Trust Management Issue Vulnerability
Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A security vulnerability exists i...
Unspecified Vulnerability in ZyXEL GS1900 (CNVD-2019-41670)
ZyXEL GS1900 is a managed switch from ZyXEL Taiwan, China. A security vulnerability exists in the Zyxel GS1900 using firmware prior to this version 2.50AAHH.0C0. An attacker could exploit the vulnerability to decrypt a previously encrypted password...
ZyXEL GS1900 Use of Hardcoded Passwords Vulnerability
ZyXEL GS1900 is a managed switch from ZyXEL Taiwan, China. A security vulnerability exists in the Zyxel GS1900 using firmware prior to version 2.50AAHH.0C0. The vulnerability can be exploited by an attacker to decrypt passwords with the help of hard-coded encryption keys...
PT-2019-5737 · Fortinet · Fortimanager +1
Name of the Vulnerable Software and Affected Versions: FortiManager versions 6.2.3 and below FortiAnalyzer versions 6.2.3 and below Description: The issue is related to the use of a hard-coded cryptographic key in the CLI configuration of FortiManager and FortiAnalyzer, which may allow an attacke...
Broadcom Brocade SANnav Encryption Issue Vulnerability
Broadcom Brocade SANnav is a suite of SAN management platforms from Broadcom USA. A security vulnerability exists in the encryption key generation process in the PBE algorithm of Broadcom Brocade SANnav versions prior to 2.0. An attacker can exploit this vulnerability to decrypt passwords...
CVE-2019-15799
An issue was discovered on Zyxel GS1900 devices with firmware before 2.50AAHH.0C0. User accounts created through the web interface of the device, when given non-admin level privileges, have the same level of privileged access as administrators when connecting to the device via SSH while their...
CVE-2019-15801
An issue was discovered on Zyxel GS1900 devices with firmware before 2.50AAHH.0C0. The firmware image contains encrypted passwords that are used to authenticate users wishing to access a diagnostics or password-recovery menu. Using the hardcoded cryptographic key found elsewhere in the firmware,...
CVE-2019-15801
CVE-2019-15801 affects Zyxel GS1900 devices with firmware prior to 2.50(AAHH.0)C0. The firmware stores encrypted passwords used for diagnostics/password-recovery authentication. An attacker can decrypt these passwords using the hardcoded cryptographic key found elsewhere in the firmware, via the ...