30 matches found
CVE-2021-26315
When the AMD Platform Security Processor PSP boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to insufficient verification of the integrity of decrypted image, arbitrary code may be executed in the PSP when encrypted firmware images are used...
IBM Sterling Secure Proxy 加密问题漏洞
IBM Sterling Secure Proxy creates a security barrier for trusted networks by preventing direct connections between external partners and internal servers. IBM Sterling Secure Proxy versions 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 contain a weak encryption algorithm vulnerability. An attacker could...
IBM Security Guardium Insights 加密问题漏洞
IBM Security Guardium Insights is a modern hybrid cloud data security hub designed to provide a reliable view of an organization's data security and compliance posture. A weak cryptographic algorithm vulnerability exists in IBM Security Guardium Insights 2.0.2. An attacker could exploit the...
CVE-2017-16560
SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in certain situations, such as if the file is being edited when the user exits the application or if the application crashes...
Ex cop and child porn suspect to remain in jail until he decrypts drives
By Carolina Former Cop and Child Porn Suspect Might Remain in Jail Forever This is a post from HackRead.com Read the original post: Ex cop and child porn suspect to remain in jail until he decrypts drives...
CVE-2017-1000066
The entry details view function in KeePass version 1.32 inadvertently decrypts certain database entries into memory, which may result in the disclosure of sensitive information...
CVE-2017-3885
A vulnerability in the detection engine reassembly of Secure Sockets Layer SSL packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition because the Snort process consumes a high level of CPU resources. Affected Products...
High-Severity OpenSSL Vulnerability allows Hackers to Decrypt HTTPS Traffic
OpenSSL has released a series of patches against six vulnerabilities, including a pair of high-severity flaws that could allow attackers to execute malicious code on a web server as well as decrypt HTTPS traffic. OpenSSL is an open-source cryptographic library that is the most widely being used b...
Student Decrypts Simplocker Android Ransomware that Encrypts Files
In a previous story, I reported about a new ransomware threat known as Simplocker discovered by researchers at the security firm ESET, targeting Android users in the UK, Switzerland, Germany, India and Russia, for ransom. Simplocker Android/Simplocker.A is the latest Android ransomware that has...
Windows Gather SmartFTP Saved Password Extraction
This module finds saved login credentials for the SmartFTP FTP client for windows. It finds the saved passwords and decrypts them. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/document' class...