Exploit for Missing Authentication for Critical Function in Nginxui Nginx_Ui

HTB-Snapped--Writeup HTB Snapped — Hard Linux machine writeup...

CVE-2024-21668

react-native-mmkv is a library that allows easy use of MMKV inside React Native applications. Before version 2.11.0, the react-native-mmkv logged the optional encryption key for the MMKV database into the Android system log. The key can be obtained by anyone with access to the Android Debugging...

CVE-2020-28638

askpassword in Tomb 2.0 through 2.7 returns a warning when pinentry-curses is used and $DISPLAY is non-empty, causing affected users' files to be encrypted with "tomb W Detected DISPLAY, but only pinentry-curses is found." as the encryption key...

PT-2024-40101 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 affected versions not specified Description: The issue concerns insecure deserialization in Extbase request handling. It requires a user-submitted payload to be signed with a corresponding HMAC-SHA1 using the sensitive TYPO3 encryptionK...

CVE-2023-26243

An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The decryption binary used to decrypt firmware files has an information leak that allows an attacker to read the AES key and initialization vector from memory. An attacker may exploit this to...

Reolink P2P Cameras Trust Management Issue Vulnerability

Reolink P2P Cameras is a camera. A trust management issue vulnerability exists in Reolink P2P Cameras, which can be exploited by an attacker to obtain a fixed encryption key and access applications outside the local network access range. The vulnerability exists in the following devices or models...