369 matches found
CVE-2022-28384
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part...
CVE-2022-28384
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part...
CVE-2022-28384
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part...
Verbatim Keypad Secure USB Drive 安全漏洞
The Verbatim Keypad Secure USB Drive is a hardware encrypted USB flash drive from the Chinese company Verbatim. A security vulnerability exists in the Verbatim Keypad Secure USB Drive, which arises from an insecure design and can be exploited by an attacker to brute-force break a password offline...
CVE-2022-28384
The provided connected documents confirm CVE-2022-28384 affects Verbatim devices with insecure design that allows an offline brute-force attack to determine the correct passcode and gain access to stored encrypted data. Affected products include the Verbatim Keypad Secure USB 3.2 Gen 1 Drive (thr...
PT-2022-18993 · Verbatim · Verbatim Store 'N' Go Secure Portable Hdd +1
Name of the Vulnerable Software and Affected Versions: Verbatim Keypad Secure USB 3.2 Gen 1 Drive versions through 2022-03-31 Verbatim Store 'n' Go Secure Portable HDD GD25LK01-3637-C VER4.0 Description: An issue was discovered in certain Verbatim drives due to an insecure design, allowing an...
Verbatim Keypad Secure USB Drive 安全漏洞
The Verbatim Keypad Secure USB Drive is a hardware encrypted USB flash drive from the Chinese company Verbatim. A security vulnerability exists in the Verbatim Keypad Secure USB Drive that arises from an insecure design and can be exploited by an attacker to brute-force break a password offline t...
CVE-2022-28384
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part...
GHSA-6R5V-HP32-FJQW Improper Access Control in Apache WSS4J
Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedEncryptedDataElements configuration via a vectors related to "wrapping attacks."...
Design/Logic Flaw
A vulnerability in which attackers could forge HTTP requests to manipulate the charm data directory to access or delete anything on the server. This has been patched and is available in release v0.12.1. We recommend that all users running self-hosted charm instances update immediately. This...
CVE-2022-29180 Charm vulnerable to server-side request forgery (SSRF)
A vulnerability in which attackers could forge HTTP requests to manipulate the charm data directory to access or delete anything on the server. This has been patched and is available in release v0.12.1. We recommend that all users running self-hosted charm instances update immediately. This...
PT-2022-19434 · Charm · Charm
Name of the Vulnerable Software and Affected Versions: charm versions prior to 0.12.1 Description: A vulnerability allows attackers to forge HTTP requests to manipulate the charm data directory, potentially accessing or deleting anything on the server. Encrypted user data uploaded to the Charm...
ASUS CMAX6000 Information Disclosure Vulnerability
The ASUS Cmax6000 is a 4x4 dual-band Wifi cable modem router from Asus China. A security vulnerability exists in ASUS CMAX6000 v1.02.00, which can be exploited by an attacker to recover encrypted data via a hard-coded key...
CVE-2021-46247
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from ASUS CMAX6000 v1.02.00...
Asus CMAX6000 安全漏洞
The ASUS Cmax6000 is a 4x4 dual-band Wifi cable modem router from Asus China. A security vulnerability exists in ASUS CMAX6000 v1.02.00, which can be exploited by an attacker to recover encrypted data via a hard-coded key...
Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU Use of Hard-Coded Credentials (CVE-2019-14926)
An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Hard- coded SSH keys allow an attacker to gain unauthorised access or disclose encrypted data on the RTU due to the keys not being regenerated on initial installation or with firmware...
CVE-2021-43552
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX PIC iX Versions B.02, C.02, and C.03...
CVE-2021-43552 Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of Hard-coded Cryptographic Key
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX PIC iX Versions B.02, C.02, and C.03...
Vulnerability fixed in Fortinet products
A vulnerability has been fixed in FortiSandbox, FortiWeb, FortiADC and FortiMail. A malicious party in possession of the password store could potentially gain access to encrypted data. Fortinet has released updates to address the vulnerability. fix. For more information, see:...
Facebook Postpones Plans for E2E Encryption in Messenger, Instagram Until 2023
Meta, the parent company of Facebook, Instagram, and WhatsApp, disclosed that it doesn't intend to roll out default end-to-end encryption E2EE across all its messaging services until 2023, pushing its original plans by at least a year. "We're taking our time to get this right and we don't plan to...