18 matches found
CVE-2019-25651
Ubiquiti UniFi Network Controller prior to 5.10.12 excluding 5.6.42, UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weakness...
Satellite Cybersecurity across Orbital Altitudes: Analyzing Ground-Based Threats to LEO, MEO, and GEO
The rapid proliferation of satellite constellations, particularly in Low Earth Orbit (LEO), has fundamentally altered the global space infrastructure, shifting the risk landscape from purely kinetic collisions to complex cyber-physical threats. While traditional safety frameworks focus on debris...
EUVD-2009-4152
Malware in sbrugna...
EUVD-2024-38211
Malicious code in bioql PyPI...
Encryption Made for Police and Military Radios May Be Easily Cracked
Researchers found that an encryption algorithm likely used by law enforcement and special forces can have weaknesses that could allow an attacker to listen in...
Questions Mount Around Yahoo Breach
As Yahoo continues to investigate the biggest data breach in history, pressure is mounting on the company to admit when it knew about the attack, whether there was a delay in reporting it, and also about how it implements cryptography to secure data it's responsible for. Security company Venafi...
NSA Exploiting Weak Diffie-Hellman Primes to Break Crypto
The great mystery since the NSA and other intelligence agencies' cyber-spying capabilities became watercooler fodder has not been the why of their actions, but the how? For example, how are they breaking crypto to decode secure Internet communication? A team of cryptographers and computer...
USN-2696-1: OpenJDK 7 vulnerabilities
Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2015-2590, CVE-2015-2628, CVE-2015-4731, CVE-2015-4732,...
Open Smart Grid Protocol Homegrown Crypto Weaknesses
In the three years since its inception, the Open Smart Grid Protocol has found its way into more than four million smart meters and similar devices worldwide. And like its SCADA, industrial control system, and embedded system brethren, it's rife with security issues. Two researchers, Phillip...
Experts Urge Conservatism on Crypto Standards
SAN FRANCISCO - Security people are, by nature, cautious and methodical, and that is even more true of cryptographers. And in the current environment, when new adversaries seem to emerge on a daily basis and cryptographic standards are under intense scrutiny, a panel of some of the biggest names in...
Design/Logic Flaw
Multiple unspecified vulnerabilities in HP Web Jetadmin 10.2, when a remote SQL server is used, allow remote attackers to obtain access to data or cause a denial of service, possibly by leveraging authentication and encryption weaknesses on the SQL server...
CVE-2009-4182
Multiple unspecified vulnerabilities in HP Web Jetadmin 10.2, when a remote SQL server is used, allow remote attackers to obtain access to data or cause a denial of service, possibly by leveraging authentication and encryption weaknesses on the SQL server...
CVE-2009-4182
HP Web Jetadmin 10.2 and later uses a remote SQL Server and is affected by multiple vulnerabilities that can allow remote unauthorized access to data and DoS. The root cause involves authentication and encryption weaknesses on the SQL server and insufficient network protections, per HP/SRT bullet...
Ultimate PHP Board <= 1.96 GOLD Multiple Vulnerabilities Exploit
Exploit for unknown platform in category web applications. Ultimate PHP Board "; $ikey = ord(substr($key, $i, 1)); // print $i."ikey:".$ikey.""; $itext = ord(substr($text, $i, 1)); // print $i."itext:".$itext.""; $nkey = ord(substr($key, $i+1...
Catastrophic failure of Strip password generation.
Executive summary: If you have ever used Strip for the Palm to generate your passwords, change them. Change them NOW. Strip (Secure Tool for Recalling Important Passwords) is a nice encrypted password notebook for the Palm; see http://www.zetetic.net/products.html for details. Strip-0.5 also featur...
An Analysis of the TACACS+ Protocol and its Implementations
OW-001-tacplus, revision 1, May 30, 2000. An Analysis of the TACACS+ Protocol and its Implementations. This advisory presents an analysis of several vulnerabilities in the TACACS+ protocol. Unfortunately,...
CVE-2000-0326
Meeting Maker uses weak encryption (a polyalphabetic substitution cipher) for passwords, which allows remote attackers to sniff and decrypt passwords for Meeting Maker accounts...
omnis.txt
I'm not sure of the complete extent of applications written in Omnis, but from what I understand, it's a multi-platform Rapid Application Development environment. Essentially, from what I understand having no personal experience with the product, you create one program in Omnis, and it's portable...