5467 matches found
The vulnerability of the Cisco Identity Services Engine (ISE) platform, which relates to the use of strictly encrypted login credentials, allows a hacker to alter the software configuration.
The vulnerability of the Cisco Identity Services Engine ISE platform relates to the use of strictly encrypted login credentials. Exploiting this vulnerability could allow a malicious actor to remotely modify the software configuration...
The vulnerability of the dtale library, related to the use of strictly encrypted credentials during the processing of the SECRET_KEY parameter, allows a hacker to bypass existing security restrictions and execute arbitrary code on the server.
The vulnerability of the dtale library lies in the use of strictly encrypted user credentials during the processing of the SECRETKEY parameter. Exploiting this vulnerability allows an attacker to bypass existing security restrictions and execute arbitrary code on the server...
A Private Smart Wallet with Probabilistic Compliance
We propose a privacy-preserving smart wallet with a novel invitation-based private onboarding mechanism. The solution integrates two levels of compliance in concert with an authority party: a proof of innocence mechanism and an ancestral commitment tracking system using bloom filters for...
Private Key and Password Protection by Steganographic Image Encryption
We propose a technique to protect and preserve a private key or a passcode in an encrypted two-dimensional graphical image. The plaintext private key or the passcode is converted into an encrypted QR code and embedded into a real-life color image with a steganographic scheme. The private key or t...
CVE-2025-43925
An issue was discovered in Unicom Focal Point 7.6.1. The database is encrypted with a hardcoded key, making it easier to recover the cleartext data...
CVE-2025-46777
A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.9 may allow an authenticated attacker with at least read-only admin permissions to view encrypted secrets via the FortiPortal System Log...
SUSE CVE-2025-5270
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139...
SUSE-SU-2025:01747-1 Security update for grub2
This update for grub2 fixes the following issues: Security fixes: - CVE-2025-4382: exposure of data from encrypted device through CLI once the root device is successfully unlocked via TPM bsc1242971. Other bug fixes: - Fix incorrect nvme disks and boot order in bootlist output bsc1237174...
Synopsis: Secure and Private Trend Inference from Encrypted Semantic Embeddings
WhatsApp and many other commonly used communication platforms guarantee end-to-end encryption E2EE, which requires that service providers lack the cryptographic keys to read communications on their own platforms. WhatsApp's privacy-preserving design makes it difficult to study important phenomena...
CVE-2025-46777
A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.9 may allow an authenticated attacker with at least read-only admin permissions to view encrypted secrets via the FortiPortal System Log...
CVE-2025-46777
A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.9 may allow an authenticated attacker with at least read-only admin permissions to view encrypted secrets via the FortiPortal System Log...
CVE-2025-46777
Fortinet FortiPortal is affected by a log information disclosure vulnerability. In FortiPortal versions 7.4.0, 7.2.0–7.2.5, and 7.0.0–7.0.9, an authenticated user with at least read-only admin permissions may cause sensitive data to be written to the system log, allowing viewing of encrypted secr...
The vulnerability of the SimpleOne ITSM automation system lies in its ability to use strictly encrypted user data, which allows a malicious actor to compromise the domain name.
The vulnerability of the SimpleOne ITSM automation system relates to the possibility of using strictly encrypted user data. Exploiting this vulnerability could allow a malicious actor to compromise the domain name...
Fortinet FortiPortal 日志信息泄露漏洞
Fortinet FortiPortal is an advanced, feature-rich hosted security analysis and management support tool for Fortinet's FortiGate, FortiWiFi and FortiAP product lines, available as a virtual machine for MSPs. Fortinet FortiPortal suffers from a log information disclosure vulnerability that originat...
CVE-2025-2796
On affected platforms with hardware IPSec support running Arista EOS with IPsec enabled and anti-replay protection configured, EOS may exhibit unexpected behavior in specific cases. Received duplicate encrypted packets, which should be dropped under normal anti-replay protection, will instead be...
CVE-2025-5270
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139...
UBUNTU-CVE-2025-5270
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139...
CVE-2025-5270 SNI was sometimes unencrypted
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139...
CVE-2025-5270
CVE-2025-5270 concerns Mozilla Firefox and Thunderbird where SNI could be sent unencrypted even when encrypted DNS is enabled. Affected products are Firefox versions earlier than 139 and Thunderbird versions earlier than 139. The vulnerability’s impact includes potential disclosure of sensitive i...
Firefox -- unencrypted SNI
[email protected] reports: In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled...