Lucene search
K

116 matches found

CNVD
CNVD
added 2022/05/31 12:0 a.m.27 views

Command Execution Vulnerability in OpenSSL (CNVD-2022-51192)

OpenSSL is an open source capable general-purpose cryptographic library from the Openssl team that implements the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. The product supports a variety of cryptographic algorithms , including symmetric ciphers , hash algorithms ,...

10CVSS7.6AI score0.83223EPSS
Exploits5References1
NVD
NVD
added 2022/04/11 11:15 a.m.35 views

CVE-2022-1252

Use of a Broken or Risky Cryptographic Algorithm in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. This allows an attacker to derive the email address of any...

9.1CVSS0.00538EPSS
Exploits1References2
Talos Blog
Talos Blog
added 2022/03/31 1:58 p.m.9 views

On the Radar: Is 2022 the year encryption is doomed?

By Martin Lee. Quantum technology in development by the world’s superpowers will render many current encryption algorithms obsolete overnight. When it becomes available, whoever controls this technology will be able to read almost any encrypted data or message they wish. Organizations need... Thi...

1.7AI score
Exploits0
CNVD
CNVD
added 2021/10/08 12:0 a.m.17 views

IBM Cloud Pak for Security Encryption Issue Vulnerability

IBM Cloud Pak for Security CP4S is an open security platform from IBM that connects to your existing data sources, generates deeper insights, and enables you to act faster with automation. IBM Cloud Pak for Security CP4S suffers from an encryption issue vulnerability in versions 1.7.0.0, 1.7.1.0,...

7.5CVSS7.5AI score0.00665EPSS
Exploits0References1
CNVD
CNVD
added 2021/08/26 12:0 a.m.49 views

openssl buffer overflow vulnerability (CNVD-2021-71263)

OpenSSL is an open source general-purpose cryptographic library from the Openssl team capable of implementing the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. The product supports a variety of encryption algorithms, including symmetric ciphers, hashing algorithms,...

7.4CVSS2.9AI score0.50445EPSS
Exploits0References1
CNVD
CNVD
added 2021/07/08 12:0 a.m.16 views

IBM Security Guardium Data Encryption Information Disclosure Vulnerability (CNVD-2022-05125)

IBM Security Guardium Data Encryption is a software for securing sensitive data within organizations from IBM, U.S.A. A security vulnerability exists in IBM Security Guardium Data Encryption, which stems from the use of weaker than expected encryption algorithms for data encryption, which could b...

7.5CVSS1.6AI score0.00454EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/07/06 12:0 a.m.4 views

IBM Security Guardium Data Encryption加密问题漏洞

IBM Security Guardium Data Encryption is a software for securing sensitive data within organizations from IBM, U.S.A. A security vulnerability exists in IBM Security Guardium Data Encryption, which stems from the use of weaker than expected encryption algorithms for data encryption, which could b...

8.8CVSS5.6AI score0.00722EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2021/04/29 9:2 a.m.56 views

Researchers Uncover Stealthy Linux Malware That Went Undetected for 3 Years

A previously undocumented Linux malware with backdoor capabilities has managed to stay under the radar for about three years, allowing the threat actor behind the operation to harvest and exfiltrate sensitive information from infected systems. Dubbed "RotaJakiro" by researchers from Qihoo 360...

0.7AI score
Exploits0
OpenVAS
OpenVAS
added 2020/11/11 12:0 a.m.10 views

openGauss: Configuring the SSL Encryption Algorithm

sslciphers specifies the SSL encryption algorithms used for secure connections. openGauss supports the following algorithms: - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-AES128-GCM-SHA256 - DHE-DSS-AES256-GCM-SHA384 - DHE-DSS-AES128-GCM-SHA256 - DHE-RSA-AES256-SHA256 - DHE-RSA-AES128-SHA256 -...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2020/05/28 9:30 p.m.73 views

MemoryMapper - Lightweight Library Which Allows The Ability To Map Both Native And Managed Assemblies Into Memory

Memory Mapper is a lightweight library which allows the ability to map both native and managed assemblies into memory by either using process injection of a process specified by the user or self-injection; the technique of injecting an assembly into the currently running process attempting to do...

8AI score
Exploits0References2
Veracode
Veracode
added 2020/04/10 12:46 a.m.36 views

Arbitary Code Execution

krb5 is vulnerable to arbitrary code execution. Multiple integer underflow flaws, leading to heap-based corruption, were found in the way the MIT Kerberos Key Distribution Center KDC decrypted ciphertexts encrypted with the Advanced Encryption Standard AES and ARCFOUR RC4 encryption algorithms. I...

10CVSS4.5AI score0.07411EPSS
Exploits0References33Affected Software1
CNVD
CNVD
added 2019/10/25 12:0 a.m.2 views

IBM Security Guardium Big Data Intelligence Encryption Issue Vulnerability

IBM Security Guardium Big Data Intelligence SonarG is a suite of big data security intelligence solutions from IBM, USA. The solution features interactive data exploration, automated connectivity analysis, and user activity analysis. An encryption issue vulnerability exists in IBM Security Guardi...

7.5CVSS6.7AI score0.00976EPSS
Exploits0References1
NVD
NVD
added 2019/04/04 4:29 p.m.21 views

CVE-2019-1828

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to access administrative credentials. The vulnerability exists because affected devices use weak encryption algorithms for use...

8.1CVSS6.7AI score0.00699EPSS
Exploits0References2
Trellix
Trellix
added 2018/10/30 12:0 a.m.11 views

Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims

ARCHIVED STORY Fallout Exploit Kit Releases the Kraken Ransomware on Its Victims By John Fokker · October 30, 2018 Alexandr Solad and Daniel Hatheway of Recorded Future are coauthors of this post. Read Recorded Future’s version of this analysis. Rising from the deep, Kraken Cryptor ransomware has...

0.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2018/09/14 11:15 a.m.18 views

Quantum Computing and Cryptography

Quantum computing is a new way of computing -- one that could allow humankind to perform computations that are simply impossible using today's computing technologies. It allows for very fast searching, something that would break some of the encryption algorithms we use today. And it allows us to...

6.8AI score
Exploits0
Trellix
Trellix
added 2018/07/31 12:0 a.m.4 views

Gandcrab Ransomware Puts Pinch On Victims

ARCHIVED STORY GandCrab Ransomware Puts the Pinch on Victims By Alexandre Mundo · July 31, 2018 Update: On August 9 we added our analysis of Versions 4.2.1 and 4.3. The GandCrab ransomware first appeared in January and has been updated rapidly during its short life. It is the leading ransomware...

Exploits0
Prion
Prion
added 2018/06/27 7:29 p.m.16 views

Design/Logic Flaw

Beckhoff TwinCAT supports communication over ADS. ADS is a protocol for industrial automation in protected environments. ADS has not been designed to achieve security purposes and therefore does not include any encryption algorithms because of their negative effect on performance and throughput. ...

6.4CVSS9.2AI score0.00508EPSS
Exploits0References1
NVD
NVD
added 2018/06/27 7:29 p.m.17 views

CVE-2017-16726

Beckhoff TwinCAT supports communication over ADS. ADS is a protocol for industrial automation in protected environments. ADS has not been designed to achieve security purposes and therefore does not include any encryption algorithms because of their negative effect on performance and throughput. ...

9.1CVSS9.3AI score0.00508EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/06/26 12:0 a.m.19 views

Microsoft Windows: Hardware-based encryption for OS drives (allowed algorithms)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winosrestrictcrypto.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Configure use of hardware-based encryption for operating system drives: Restrict crypto algorithms or cipher suites to the following Authors:...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2018/06/26 12:0 a.m.19 views

Microsoft Windows: Use of hardware-based encryption for OS drives

This policy setting allows you to manage BitLocker Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.2AI score
Exploits0References1
Rows per page
Query Builder