16 matches found
EUVD-2017-10507
Malware in sbrugna...
EUVD-2023-33710
Malicious code in bioql PyPI...
CVE-2024-48539
CVE-2024-48539 affects Neye3C v4.5.2.0, with a hardcoded encryption key in the firmware update mechanism. The NVD/Red Hat and other feeds describe a high-severity issue (CVSS v3.1: 9.8, NETWORK attack), impacting confidentiality, integrity, and availability. There is no explicit patch/version pro...
Moxa AWK-3121 Cleartext Transmission of Sensitive Information (CVE-2018-10694)
An issue was discovered on Moxa AWK-3121 1.14 devices. The device provides a Wi-Fi connection that is open and does not use any encryption mechanism by default. An administrator who uses the open wireless connection to set up the device can allow an attacker to sniff the traffic passing between t...
Security feature bypass
Adobe Experience Manager versions 6.5.13.0 and earlier are affected by a Violation of Secure Design Principles vulnerability that could lead to a bypass of the security feature of the encryption mechanism in the backend. An attacker could leverage this vulnerability to decrypt secrets, however, this i...
CVE-2022-30683 AEM Violation of Secure Design Principles Security feature bypass
Adobe Experience Manager versions 6.5.13.0 and earlier are affected by a Violation of Secure Design Principles vulnerability that could lead to a bypass of the security feature of the encryption mechanism in the backend. An attacker could leverage this vulnerability to decrypt secrets, however, this i...
Security Bulletin: Vulnerability in password storage scheme affects IBM License Metric Tool v9 and IBM BigFix Inventory v9 (CVE-2016-8967)
Summary: IBM License Metric Tool v9 and IBM BigFix Inventory v9 store passwords in plain text. Vulnerability Details: CVEID: CVE-2016-8967 DESCRIPTION: IBM BigFix Inventory v9 stores user credentials in plain clear text which can be read by a local user. CVSS Base Score: 6.2 CVSS Temporal Score...
CVE-2020-7000
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow an unauthenticated attacker to discover the cryptographic key from the web server and gain information about the login and the encryption/decryption mechanism, which may be exploited to bypass authentication of the HTML5 HM...
Design/Logic Flaw
An issue was discovered on Moxa AWK-3121 1.14 devices. The device provides a Wi-Fi connection that is open and does not use any encryption mechanism by default. An administrator who uses the open wireless connection to set up the device can allow an attacker to sniff the traffic passing between t...
CVE-2018-10694
An issue was discovered on Moxa AWK-3121 1.14 devices. The device provides a Wi-Fi connection that is open and does not use any encryption mechanism by default. An administrator who uses the open wireless connection to set up the device can allow an attacker to sniff the traffic passing between t...
Citrix StorageZones Controller Improper Access Restrictions / Traversal Exploit
Citrix StorageZones Controller versions prior to 5.4.2 suffer from padding oracle, improper access restriction, and path traversal vulnerabilities. ======================================================================= title: Multiple Vulnerabilities product: Citrix StorageZones Controller...
The Risks of Bio-IoT
Bio-IoT: Internet of Things applied to biological systems, such as pharmaceutical delivery systems, implanted medical devices, intelligent prosthetics, surgical assistants, and remote patient monitoring. IoT 2.0, with ample processing resources and OSI-conformant networking, promises vast...
SonarQube Jenkins Password Disclosure
Advisory Information Title: SonarQube Jenkins Plugin - Plain Text Password Date published: 2013-12-05 Date of last update: 2013-12-05 Vendors contacted: SonarQube and Jenkins CI Discovered by: Christian Catalano Severity: High 2. Vulnerability Information CVE reference: CVE-2013-5676 CVSS v2...
Linkedin Password Decryptor - Linkedin Password Recovery Software
Linkedin Password Decryptor is the all-in-one software to recover Linkedin passwords stored by popular Web Browsers. These days, most web browsers store website login passwords to prevent the hassle of entering the password again and again. Each web browser uses its own encryption...
Baidu Hi IM software parsing plaintext stack overflow
Our automatic bug exploiting tools have found a buffer overflow bug in Baidu Hi IM software, which is a popular IM software in China. This bug is due to Baidu Hi not strictly checking the deciphered plaintext format in CSTransfer.dll. Because of the encryption mechanism of Baidu Hi, it is hard to...
Green crack Office software protection password-vulnerability warning-the black bar safety net
As is well known, when using Office software packages you can set an open password or a write-protection (modify) password to keep others from stealing private information. But as time passes, what do you do if you yourself forget the password you once set? Perhaps you'...