10 matches found
[SECURITY] [DSA 6251-1] libreoffice security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6251-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 07, 2026 https://www.debian.org/security/faq -...
📄 Siklu EtherHaul Series EH-8010 / EH-1200 File Upload
PHP proof of concept for a critical vulnerability that exists in Siklu EtherHaul EH-8010 and EH-1200 devices running firmware versions 7.4.0 through 10.7.3. The rfpiped service exposed on TCP port 555 uses hardcoded AES-256-CBC encryption parameters static key and IV and lacks any authentication...
CVE-2025-15128
A vulnerability was detected in ZKTeco BioTime up to 9.0.3/9.0.4/9.5.2. This affects an unknown part of the file /base/safesetting/ of the component Endpoint. Performing a manipulation of the argument backupencryptionpassworddecrypt/exportencryptionpassworddecrypt results in unprotected storage o...
CVE-2025-9696 Use of Hard-coded Credentials in SunPower PVS6
The SunPower PVS6's BluetoothLE interface is vulnerable due to its use of hardcoded encryption parameters and publicly accessible protocol details. An attacker within Bluetooth range could exploit this vulnerability to gain full access to the device's servicing interface. This access allows the...
PT-2026-4941
Name of the Vulnerable Software and Affected Versions OpenSSL version 3.0 OpenSSL version 3.3 OpenSSL version 3.4 OpenSSL version 3.5 OpenSSL version 3.6 Description Parsing CMS AuthEnvelopedData or EnvelopedData messages with maliciously crafted AEAD Authenticated Encryption with Associated Data...
CVE-2022-20927
A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper memory...
Design/Logic Flaw
A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper memory...
Procter&Gamble Oral-B App for Android Privilege Gain Vulnerability
Procter&Gamble Oral-B App for Android is an Android-based electric toothbrush management app from Procter&Gamble. A security vulnerability exists in version 5.0.0 of the Procter&Gamble Oral-B App for Android, which stems from the program's use of AES encryption with static parameters. An attacker...
CVE-2015-5884
The Mail Drop feature in Mail in Apple OS X before 10.11 mishandles encryption parameters for attachments, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during transmission of an S/MIME e-mail message with a large attachment...
Information disclosure
The Mail Drop feature in Mail in Apple OS X before 10.11 mishandles encryption parameters for attachments, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during transmission of an S/MIME e-mail message with a large attachment...