273 matches found
CVE-2022-37400
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where the required initialization vector for encryption was always the same...
CVE-2022-37400 Apache OpenOffice Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where the required initialization vector for encryption was always the same...
PT-2022-23973 · Apache · Apache Openoffice +1
Name of the Vulnerable Software and Affected Versions: Apache OpenOffice versions prior to 4.1.13 Description: A flaw in Apache OpenOffice exists where the required initialization vector for encryption is always the same, weakening the security of the encryption. This makes stored passwords...
Intel PROSet/Wireless WiFi Software 加密问题漏洞
Intel PROSet/Wireless WiFi Software is a wireless network card driver from Intel Corporation USA. A security vulnerability exists in Intel PROSet/Wireless WiFi Software, which stems from insufficient encryption strength. The vulnerability can be exploited by an attacker to elevate privileges...
The vulnerability of the LibreOffice office software’s user configuration database allows a hacker to disclose protected information.
The vulnerability of the LibreOffice office software’s user configuration database is related to insufficiently secure data encryption. Exploiting this vulnerability could allow a malicious actor to disclose protected information from a remote location...
The vulnerability of the LibreOffice office software package, related to insufficient data encryption, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the LibreOffice office software package is related to insufficiently robust data encryption. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of the protected information...
CVE-2022-30273
The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption mode, traffic is encrypted via the Tiny Encryption Algorithm TEA block-cipher in ECB mode. This mode of operation does n...
DEBIAN-CVE-2022-26306
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which...
CVE-2022-26306
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which...
UBUNTU-CVE-2022-26306
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which...
IBM Security Access Manager Appliance 加密问题漏洞
IBM Security Access Manager Appliance ISAM Appliance is a network appliance-based security solution from IBM, USA. The product is mainly used for access control and Web-based threat protection, providing system performance monitoring, log analysis and diagnosis. A security vulnerability exists in...
The vulnerability of the BSAP/IP protocol implementation of the telemechanics controller ControlWave and the Bristol Babcock 33xx controller allows a perpetrator to disclose protected information.
The vulnerability of the BSAP/IP protocol implementation of the telemechanics controller ControlWave and the Bristol Babcock 33xx controller is related to insufficient encryption strength. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...
The vulnerability of the BSAP/IP protocol implementation of the telemechanics controller ControlWave and the Bristol Babcock 33xx controller allows a hacker to disclose protected information.
The vulnerability of the BSAP/IP protocol implementation of the telemechanics controller ControlWave and the Bristol Babcock 33xx controller is related to insufficient encryption strength. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...
GHSA-R9Q2-3R6X-QMGP Inadequate Encryption Strength in Jenkins
Jenkins before versions 2.44 and 2.32.2 uses AES ECB block cipher mode without IV for encrypting secrets which makes Jenkins and the stored secrets vulnerable to unnecessary risks SECURITY-304...
Secomea 多款产品加密问题漏洞
Secomea GateManager and Secomea SiteManager are both products of Secomea, Denmark.GateManager is a remote access server product.Secomea SiteManager is a software application. Secomea SiteManager is a software application that provides a remote maintenance function for industrial equipment. A...
IBM UrbanCode Deploy 加密问题漏洞
IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM Corporation in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology to automate the deployment of complex applications in...
PT-2022-13792 · Hills · Hills Comnav
Name of the Vulnerable Software and Affected Versions: Hills ComNav version 3002-19 Description: The issue concerns a weak communication channel in the configuration pages of the system. Traffic across the local network can be viewed by a malicious actor, and the size of certain communications...
IBM UrbanCode Deploy 加密问题漏洞
IBM UrbanCode Deploy UCD is a suite of application automation deployment tools from IBM. The tool is based on an application deployment automation management information model, and through remote agent technology to automate the deployment of complex applications in different environments, etc. I...
Code injection
A CWE-326: Inadequate Encryption Strength vulnerability exists that could cause non-encrypted communication with the server when outdated versions of the ViewX client are used. Affected Product: ClearSCADA All Versions, EcoStruxure Geo SCADA Expert 2019 All Versions, EcoStruxure Geo SCADA Expert...
NetBSD 安全特征问题漏洞
NetBSD is an open source Unix-like operating system from the NetBSD Foundation. NetBSD suffers from a security signature issue vulnerability that stems from the IPv4 ID generation algorithm not using proper encryption measures in NetBSD through 9.2...