EUVD-2015-3070

Malware in sbrugna...

EUVD-2022-52229

Malicious code in bioql PyPI...

CVE-2022-30274

The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with an XRT LAN-to-radio gateway by means of an embedded client. Credentials for accessing this gateway are stored after being encrypted with the Tiny Encryption Algorithm TEA in ECB mode using a hardcode...

CBL Mariner 2.0 Security Update: ed (CVE-2015-2987)

The version of ed installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2015-2987 advisory. - Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtai...

Misuse Of Cryptographic API

mycli is vulnerable to a Misuse of Cryptographic API. The vulnerability arises because the config.py lacks proper data diffusion and contains repeating patterns. Specifically, the use of AES ECB encryption in this context does not provide adequate security measures. As a result, an attacker may...

VulnCheck KEV: CVE-2016-0736

In Apache HTTP Server versions 2.4.0 to 2.4.23, modsessioncrypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation AES256-CBC by default, hence no selectable or builtin authenticated encryption. This made it vulnerable to padding...

Hardcoded credentials

The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with an XRT LAN-to-radio gateway by means of an embedded client. Credentials for accessing this gateway are stored after being encrypted with the Tiny Encryption Algorithm TEA in ECB mode using a hardcode...

CVE-2022-30274

The CVE-2022-30274 vulnerability affects the Motorola ACE1000 RTU (up to 2022-05-02). Root cause: use of TEA in ECB mode with a hardcoded key to protect credentials for the XRT LAN-to-radio gateway and for authenticating to the XNL port, enabling potential manipulation of device configuration. Do...

CVE-2022-30274

The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with an XRT LAN-to-radio gateway by means of an embedded client. Credentials for accessing this gateway are stored after being encrypted with the Tiny Encryption Algorithm TEA in ECB mode using a hardcode...

PT-2022-3091 · Motorola · Motorola Ace1000 Rtu

Name of the Vulnerable Software and Affected Versions: Motorola ACE1000 RTU versions prior to 2022-05-02 Description: The issue is related to the use of hardcoded credentials in the XRT LAN-to-radio gateway and XNL microcode software of the Motorola ACE1000 RTU. This allows a remote attacker to...

Advisory ROSA-SA-2021-1826

Software: ed 1.9 OS: Cobalt 7.9 CVE-ID: CVE-2015-2987 CVE-Crit: MEDIUM CVE-DESC: Type74 ED before 4.0 incorrectly uses 128-bit ECB encryption for small files, making it easier for attackers to obtain plaintext data by differential cryptanalysis of a file with an original length of less than 128...

EulerOS Virtualization for ARM 64 3.0.2.0 : httpd (EulerOS-SA-2020-1552)

According to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with modrewrite that were intended to be self-referential...

Analysis of LooCipher, a New Ransomware Family Observed This Year

ARCHIVED STORY Analysis of LooCipher, a New Ransomware Family Observed This Year By ATR Operational Intelligence Team · December 05, 2019 Co-authored by Marc RiveroLopez. Initial Discovery This year seems to again be the year for ransomware. Notorious attacks were made using ransomware and new...

Analysis of LooCipher, a New Ransomware Family Observed This Year

ARCHIVED STORY Analysis of LooCipher, a New Ransomware Family Observed This Year By ATR Operational Intelligence Team · December 05, 2019 Co-authored by Marc RiveroLopez. Initial Discovery This year seems to again be the year for ransomware. Notorious attacks were made using ransomware and new...

CVE-2015-2987

Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits...

AZL-34660 CVE-2015-2987 affecting package ed for versions less than 1.20-1

Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits...

CVE-2015-2987

Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits...

CVE-2015-2987

Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits...

McAfee ePolicy Orchestrator Authenticated XXE Credentials Exposure Exploit

This module will exploit an authenticated XXE vulnerability to read the keystore.properties off of the filesystem. This properties file contains an encrypted password that is set during installation. What is interesting about this password is that it is set as the same password as the database 's...

[USN-2401-1] Konversation vulnerability

========================================================================== Ubuntu Security Notice USN-2401-1 November 10, 2014 konversation vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivative...