DEBIAN-CVE-2016-1000352

In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider...

Elemental Path's CogniToys Dino Information Disclosure Vulnerability (CNVD-2018-00677)

Elemental Path's CogniToys Dino is a smart toy from Elemental Path's, USA that is capable of voice communication with children. An information disclosure vulnerability exists in Elemental Path's CogniToys Dino using firmware version 0.0.794 and earlier, which stems from the program's use of AES-1...

The vulnerability of the mod_session_crypto module in the Apache HTTP Server allows attackers to perform attacks like Padding Oracle.

The vulnerability of the modsessioncrypto module in the Apache HTTP Server is related to encryption algorithm errors. The modsessioncrypto module encrypts its data/cookies using configured encryption algorithms with CBC or ECB modes AES256-CBC by default. Therefore, there is no optional or built-...

UBUNTU-CVE-2016-0736

In Apache HTTP Server versions 2.4.0 to 2.4.23, modsessioncrypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation AES256-CBC by default, hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle...

File Encryption Software "ED" where encrypted data may be easier to decipher when files of small size are encrypted

Overview File encyption software "ED" contains an issue when files of small size are encyrpted, they may become easier to decipher in comparison to when files of a larger size are encrypted. When encrypting small files that are smaller than the block size 128 bits, file encryption software "ED"...

UBUNTU-CVE-2013-7252

kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier for attackers to guess passwords via a codebook attack...

UBUNTU-CVE-2012-3458

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...

PT-2006-4866 · Scatterchat · Scatterchat

Name of the Vulnerable Software and Affected Versions: ScatterChat versions 1.0.x Description: The issue allows attackers to identify patterns in large numbers of messages by exploiting collisions using a birthday attack on the custom padding mechanism for ECB mode encryption. Recommendations: Fo...

DEBIAN-CVE-2002-1697

Electronic Code Book ECB mode in VTun 2.0 through 2.5 uses a weak encryption algorithm that produces the same ciphertext from the same plaintext blocks, which could allow remote attackers to gain sensitive information...

DEBIAN-CVE-2002-1747

Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB...