CVE-2019-4102

IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, and 11.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158092...

CVE-2019-4102

IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, and 11.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158092...

CVE-2019-13052

Logitech Unifying devices allow live decryption if the pairing of a keyboard to a receiver is sniffed...

CVE-2019-13055

Certain Logitech Unifying devices allow attackers to dump AES keys and addresses, leading to the capability of live decryption of Radio Frequency transmissions, as demonstrated by an attack against a Logitech K360 keyboard...

Design/Logic Flaw

Certain Logitech Unifying devices allow attackers to dump AES keys and addresses, leading to the capability of live decryption of Radio Frequency transmissions, as demonstrated by an attack against a Logitech K360 keyboard...

Code injection

Logitech Unifying devices allow live decryption if the pairing of a keyboard to a receiver is sniffed...

CVE-2019-13052

Logitech Unifying devices allow live decryption if the pairing of a keyboard to a receiver is sniffed...

CVE-2019-13052

CVE-2019-13052 concerns Logitech Unifying devices where, if the pairing between a keyboard and its receiver is sniffed, an attacker could achieve live decryption of the communication. The core details across connected records identify the affected class as Logitech Unifying devices and describe a...

Cryptr - A Simple Shell Utility For Encrypting And Decrypting Files Using OpenSSL

A simple shell utility for encrypting and decrypting files using OpenSSL. Installation git clone https://github.com/nodesocket/cryptr.git ln -s "$PWD"/cryptr/cryptr.bash /usr/local/bin/cryptr Bash tab completion Add tools/cryptr-bash-completion.bash to your tab completion file directory...

CVE-2019-4156

IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158572...

IBM Security Access Manager Appliance Weak Encryption Algorithm Vulnerability (CNVD-2019-19294)

IBM Security Access Manager Appliance ISAM Appliance is a network appliance-based security solution from IBM, USA. The product is mainly used for access control and Web-based threat protection, providing system performance monitoring, log analysis and diagnosis. A security vulnerability exists in...

Debian DLA-1825-1 : kdepim security update

A reply-based decryption oracle was found in kdepim, which provides the KMail e-mail client. An attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted parts can further be hidden using HTML/CSS or ASCII newline character...

[SECURITY] [DLA 1825-1] kdepim security update

Package : kdepim Version : 4:4.14.1-1+deb8u2 CVE ID : CVE-2019-10732 Debian Bug : 926996 A reply-based decryption oracle was found in kdepim, which provides the KMail e-mail client. An attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart...

GandCrab Ransomware Decryption Tool [All Versions] — Recover Files for Free

Cybersecurity researchers have released an updated version of GandCrab ransomware decryption tool that could allow millions of affected users to unlock their encrypted files for free without paying a ransom to the cybercriminals. GandCrab is one of the most prolific families of ransomware to date...

CVE-2019-12813

An issue was discovered in Digital Persona U.are.U 4500 Fingerprint Reader v24. The key and salt used for obfuscating the fingerprint image exhibit cleartext when the fingerprint scanner device transfers a fingerprint image to the driver. An attacker who sniffs an encrypted fingerprint image can...

CVE-2019-12813

An issue was discovered in Digital Persona U.are.U 4500 Fingerprint Reader v24. The key and salt used for obfuscating the fingerprint image exhibit cleartext when the fingerprint scanner device transfers a fingerprint image to the driver. An attacker who sniffs an encrypted fingerprint image can...

CVE-2019-12813

The CVE-2019-12813 issue affects Digital Persona U.are.U 4500 Fingerprint Reader v24. The encryption obfuscation for fingerprint images uses a key and salt that appear in cleartext when transferring the image to the driver. An attacker that can sniff a captured fingerprint image could decrypt it ...

Using Firepower to defend against encrypted RDP attacks like BlueKeep

This blog was authored by Brandon Stultz Microsoft recently released fixes for a critical pre-authentication remote code execution vulnerability in Remote Desktop Protocol Services RDP. Identified as CVE-2019-0708 in May's Patch Tuesday, the vulnerability caught the attention of researchers and t...

Design/Logic Flaw

An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. The attack allows for an eavesdropper to capture the communication and decrypt the data...

CVE-2017-14852

An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. The attack allows for an eavesdropper to capture the communication and decrypt the data...