BIT-JENKINS-2020-2099

Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonati...

CVE-2021-35252 Common Key Vulnerability in Serv-U FTP Server

Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext...

Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability

Microsoft Windows is a popular operating system. A security feature bypass vulnerability exists in the implementation of Microsoft Wireless Keyboard 850, which allows local attackers to exploit the vulnerability by submitting a special request to reuse an AES key to obtain keyboard input...

CVE-2016-0904

Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 use the same encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive client-server traffic information by...