39 matches found
CVE-2023-37396
CVE-2023-37396 affects IBM Aspera Faspex 5.0.0–5.0.7, where a local user could obtain sensitive information due to improper encryption of certain data. The issue is documented alongside other encryption vulnerabilities in IBM’s Security Bulletin for Aspera Faspex, which notes that Faspex 5.0.8 ad...
IBM Aspera 信任管理问题漏洞
IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. IBM Aspera Faspex has a trust management issue vulnerability that stems from improper encryption of certain data. An attacker could exploit the vulnerability ...
PT-2024-12610 · Ibm · Ibm Aspera Faspex
Name of the Vulnerable Software and Affected Versions: IBM Aspera Faspex versions 5.0.0 through 5.0.7 Description: The issue allows a local user to obtain sensitive information due to improper encryption of certain data. Recommendations: For IBM Aspera Faspex versions 5.0.0 through 5.0.7, update ...
Google Pixel Security Breach
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from an improper use of encryption in the TBD module, which could lead to authentication bypass...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearQuest (CVE-2022-2068, CVE-2022-2097)
Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-2068 DESCRIPTION: OpenSSL could allow a remote attacker to execute arbitrary commands ...
Security Bulletin: Multiple Vulnerabilities in node.js
Summary Security Vulnerabilities in node.js affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information.. Vulnerability Details CVEID:CVE-2022-32213 DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by the failure to correctly parse and...
Unisys Messaging Integration Services存在未明漏洞
Unisys Messaging Integration Services Ntsi is a messaging-based interface between two programs from Unisys, Inc. A security vulnerability exists in Unisys Messaging Integration Services Ntsi, which stems from a network system or product that does not The vulnerability is caused by a network syste...
Bosch Rexroth IndraMotion Mlc Licensing Issue Vulnerability
Bosch Rexroth IndraMotion Mlc is a new device that combines motion and logic control, as well as robotics control.A security vulnerability exists in Bosch Rexroth IndraMotion Mlc, which stems from a network system or product that does not properly use the relevant cryptographic algorithms, and...
Bosch Rexroth IndraMotion Mlc Information Disclosure Vulnerability
The Bosch Rexroth IndraMotion Mlc is a new device that combines motion and logic control, as well as robot control. A security vulnerability exists in Bosch Rexroth IndraMotion Mlc, which arises from a networked system or product that does not properly use the relevant cryptographic algorithms, a...
IBM Cloud Pak for Applications Information Disclosure Vulnerability
IBM Cloud Pak for Applications is an application from IBM USA, Inc. A security vulnerability exists in IBM Cloud Pak for Applications version 4.3, which stems from the application's use of an improper encryption algorithm. An attacker could exploit the vulnerability to be able to decrypt highly...
CVE-2020-36201
An issue was discovered in certain Xerox WorkCentre products. They do not properly encrypt passwords. This affects 3655, 3655i, 58XX, 58XXi 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices...
Siemens LOGO! 8 BM Improper Encryption Algorithm Vulnerability
Siemens LOGO! 8 BM is a programming software for industrial environments for the Windows platform from Siemens Germany. A security vulnerability exists in Siemens LOGO! 8 BM, which can be exploited by an attacker to gain unauthorized full access to all services...
CVE-2019-19411
USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 have an information leakage vulnerability. Due to improper processing of the initialization vector used in a specific encryption algorithm, an attacker who gai...
CVE-2017-5535
The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities related to both the improper use of encryption mechanisms and the use of weak ciphers. A malicious actor could theoretically compromise th...
CVE-2017-5535
CVE-2017-5535 affects TIBCO DataSynapse GridServer Manager components (GridServer Broker, GridServer Driver, GridServer Engine). The issue is improper use of encryption and weak ciphers, allowing potentially compromised traffic between components. Affected releases include GridServer Manager
CVE-2016-2283
Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly encrypt data, which makes it easier for remote attackers to obtain the associated cleartext via unspecified vectors...
Design/Logic Flaw
The DB service in IBM System Networking Switch Center SNSC before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain sensitive administrator-account information via a request on port 40999, as demonstrated by an improperly encrypted password...
PT-2015-11: Information Disclosure in Siemens SIMATIC WinCC (TIA Portal)
The specialists of the Positive Research center have detected an Information Disclosure vulnerability in Siemens SIMATIC WinCC TIA Portal. Vulnerability exists in the remote management module of WinCC TIA Portal Multi Panels, Comfort Panels, and RT Advanced due to improper encryption of credentia...
CVE-2012-3018
The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authentication code, which allows local users to bypass intended access restrictions and obtain...