157 matches found
CVE-2023-50442
Encrypted folders created by PRIMX ZONECENTRAL through 2023.5 can be modified by a local attacker with appropriate privileges so that specific file types are excluded from encryption temporarily. This modification can, however, be detected, as described in the Administrator Guide...
Cisco Nexus 1000V VSM/VEM Communication Encryption Bypass (CVE-2013-1208)
The encryption functionality in Cisco NX-OS on the Nexus 1000V does not properly handle Virtual Supervisor Module VSM to Virtual Ethernet Module VEM communication, which allows remote attackers to intercept or modify network traffic by leveraging certain Layer 2 or Layer 3 access, aka Bug ID...
CVE-2023-35818
An issue was discovered on Espressif ESP32 3.0 ESP32rev300 ROM devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and Flash Encryption status. By using this capability, the attacker can exploit...
CVE-2021-46892
Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2021-46892
Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality...
Privilege escalation
Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2021-46892
Technical details for CVE-2021-46892 are not publicly provided in the connected documents. Monitor for updates from vendors and security bulletins.
CVE-2021-46892
Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2021-46892
Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality...
PT-2023-12612 · Huawei · Emui +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is an encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2023-21179
In parseSecurityParamsFromXml of XmlUtil.java, there is a possible bypass of user specified wifi encryption protocol due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21179
In parseSecurityParamsFromXml of XmlUtil.java, there is a possible bypass of user specified wifi encryption protocol due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Google Pixel 缓冲区错误漏洞
Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that originates in the installKey of KeyUtil.cpp, which may bypass user-specified wifi encryption protocols due to improper use of encryption, which may result in local privilege...
CVE-2023-21190
In btmaclencryptchange of btmacl.cc, there is a possible way for a remote device to turn off encryption without resulting in a terminated connection due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...
PUB-A-272755865
In parseSecurityParamsFromXml of XmlUtil.java, there is a possible bypass of user specified wifi encryption protocol due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Siemens SCALANCE W1750D Improper Input Validation (CVE-2022-47522)
The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept possibly cleartext target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point such as authentication...
PT-2023-2034 · Unknown +1 · Ieee 802.11 +1
Name of the Vulnerable Software and Affected Versions: IEEE 802.11 specifications through 802.11ax Description: The issue allows physically proximate attackers to intercept target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending...
Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues Affecting Multiple Cisco Products
On March 27, 2023, the research paper Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues was made public. This paper discusses vulnerabilities in the 802.11 standard that could allow an attacker to spoof a targeted wireless client and redirect frames that are present in th...
CVE-2023-23911
An improper access control vulnerability exists prior to v6 that could allow an attacker to break the E2E encryption of a chat room by a user changing the group key of a chat room...
K30215094: Ruby vulnerability CVE-2016-7798
Security Advisory Description The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism. CVE-2016-7798 Impact There is no impact; F5...