174 matches found
EUVD-2025-6964
Malicious code in bioql PyPI...
EUVD-2023-25346
Malicious code in bioql PyPI...
EUVD-2025-13215
Malicious code in bioql PyPI...
EUVD-2024-3551
Malicious code in bioql PyPI...
BOSCH ctrlX OS 安全漏洞
BOSCH ctrlX OS is a Linux-based real-time operating system from the German company BOSCH. A security vulnerability exists in BOSCH ctrlX OS that stems from an unclear description of backup file encryption, which could lead to a user misinterpreting the backup file encryption status...
Encrypting Files with Passkeys and age
Typage age-encryption on npm is a TypeScript1 implementation of the age file encryption format. It runs with Node.js, Deno, Bun, and browsers, and implements native age recipients, passphrase encryption, ASCII armoring, and supports custom recipient interfaces, like the Go implementation. However...
CVE-2024-28146
The application uses several hard-coded credentials to encrypt config files during backup, to decrypt the new firmware during an update and some passwords allow a direct connection to the database server of the affected device...
CVE-2022-29053
A missing cryptographic steps vulnerability CWE-325 in the functions that encrypt the keytab files in FortiOS version 7.2.0, 7.0.0 through 7.0.5 and below 7.0.0 may allow an attacker in possession of the encrypted file to decipher it...
Exposed Dangerous Method Or Function
H2O-3 is vulnerable to Exposed Dangerous Method or Function. The vulnerability is due to improper access control due to an exposed EncryptionTool endpoint that allows an attacker to encrypt files on the target server with a chosen key, potentially leading to ransomware-like behavior by overwritin...
CVE-2024-6863
In h2oai/h2o-3 version 3.46.0, an endpoint exposing a custom EncryptionTool allows an attacker to encrypt any files on the target server with a key of their choosing. The chosen key can also be overwritten, resulting in ransomware-like behavior. This vulnerability makes it possible for an attacke...
Exposed Dangerous Method or Function
Overview Affected versions of this package are vulnerable to Exposed Dangerous Method or Function through the EncryptionTool endpoint. An attacker can encrypt arbitrary files on the target server with a key of their choosing, making it exceedingly difficult for the target to recover the keys need...
CVE-2024-6863
In h2oai/h2o-3 version 3.46.0, an endpoint exposing a custom EncryptionTool allows an attacker to encrypt any files on the target server with a key of their choosing. The chosen key can also be overwritten, resulting in ransomware-like behavior. This vulnerability makes it possible for an attacke...
CVE-2024-6863 Encryption of Arbitrary Files with Attacker-Controlled Key in h2oai/h2o-3
In h2oai/h2o-3 version 3.46.0, an endpoint exposing a custom EncryptionTool allows an attacker to encrypt any files on the target server with a key of their choosing. The chosen key can also be overwritten, resulting in ransomware-like behavior. This vulnerability makes it possible for an attacke...
CVE-2024-6863
CVE-2024-6863 affects h2oai/h2o-3 v3.46.0 through an endpoint exposing a custom EncryptionTool that allows an attacker to encrypt arbitrary files on the target server with a key of their choosing, with the key potentially overwritable and ransomware-like behavior described. The vulnerability’s im...
NotLockBit: A Deep Dive Into the New Ransomware Threat
Overview NotLockBit is a new and emerging ransomware family that actively mimics the behavior and tactics of the well-known LockBit ransomware. It distinguishes itself by being one of the first fully functional ransomware strains to target macOS and Windows systems. Distributed as an x8664 golang...
CVE-2024-28146
The application uses several hard-coded credentials to encrypt config files during backup, to decrypt the new firmware during an update and some passwords allow a direct connection to the database server of the affected device...
Analysis of Elpaco: a Mimic variant
Introduction In a recent incident response case, we dealt with a variant of the Mimic ransomware with some interesting customization features. The attackers were able to connect via RDP to the victim's server after a successful brute force attack and then launch the ransomware. After that, the...
TRCore DVC Trust Management Issue Vulnerability
TRCore DVC is a file insurance system from TRCore China. TRCore DVC suffers from a trust management issue vulnerability that originates from encrypting a file using a hard-coded key, which can be exploited by an attacker to decrypt the file using the hard-coded key and recover the original conten...
CVE-2024-11308
The DVC from TRCore encrypts files using a hardcoded key. Attackers can use this key to decrypt the files and restore the original content...
CVE-2024-11308 TRCore DVC - Use of Hard-coded Cryptographic Key
The DVC from TRCore encrypts files using a hardcoded key. Attackers can use this key to decrypt the files and restore the original content...