CVE-2026-50210

The device encrypts data using AES-CBC with static zero-filled Initialization Vectors IVs, making it susceptible to replay attacks and known-plaintext decryption...

CVE-2026-11347

The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors IVs for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with local access can...

CVE-2026-50210

The device encrypts data using AES-CBC with static zero-filled Initialization Vectors IVs, making it susceptible to replay attacks and known-plaintext decryption...

EUVD-2026-34222

The device encrypts data using AES-CBC with static zero-filled Initialization Vectors IVs, making it susceptible to replay attacks and known-plaintext decryption...

CVE-2026-50210

CVE-2026-50210 is linked to multiple sources describing a cryptographic weakness where data is encrypted with AES-CBC using static zero-filled IVs. This configuration can enable replay attacks and known-plaintext decryption. The description across NVD, CVE records, and related feeds consistently ...

CVE-2026-50210 Weak Static Cryptographic Initialization Vectors

The device encrypts data using AES-CBC with static zero-filled Initialization Vectors IVs, making it susceptible to replay attacks and known-plaintext decryption...

CVE-2026-50210 Weak Static Cryptographic Initialization Vectors

The device encrypts data using AES-CBC with static zero-filled Initialization Vectors IVs, making it susceptible to replay attacks and known-plaintext decryption...

CVE-2026-50210

The device encrypts data using AES-CBC with static zero-filled Initialization Vectors IVs, making it susceptible to replay attacks and known-plaintext decryption...

PT-2026-46162

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The device encrypts data using AES-CBC Advanced Encryption Standard in Cipher Block Chaining mode with static zero-filled Initialization Vectors IVs. This...

EUVD-2014-2357

Malware in sbrugna...

EUVD-1999-1066

Malware in sbrugna...

Bkcrack - Crack Legacy Zip Encryption With Biham And Kocher's Known Plaintext Attack

Crack legacy zip encryption with Biham and Kocher's known plaintext attack. Overview A ZIP archive may contain many entries whose content can be compressed and/or encrypted. In particular, entries can be encrypted with a password-based Encryption Algorithm symmetric encryption algorithm referred ...

Nextcloud Server 19.0.1 Encryption Vulnerability (NC-SA-2020-039)

Nextcloud Server is prone to a vulnerability where it is possible to downgrade the encryption scheme and break the integrity through known-plaintext attack. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Nextcloud: Downgrade encryption scheme and break integrity through known-plaintext attack

The idea behind the Server Side Encryption is that you can move your encrypted files to an external party without that external party being able to to read or modify those files. Some time ago, Nextcloud switched from unauthenticated CFB cipher block mode to authenticated CTR cipher block mode in...

CVE-2014-2319

The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack...

Code injection

The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack...

CVE-2014-2319

The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack...

CVE-2007-6192

The web management interface in Citrix NetScaler 8.0 build 47.8 uses weak encryption XOR of unpadded data to store credentials within a cookie, which makes it easier for remote attackers to obtain cleartext credentials when a cookie is captured via a known-plaintext attack...

CVE-2007-6192

The CVE-2007-6192 entry describes an information disclosure vulnerability in the Citrix NetScaler Web Management Interface (NetScaler 8.0 build 47.8). The issue arises from using weak encryption to protect cookie contents by XORing sensitive values (including credentials) with a fixed key stream,...

CVE-2007-6192

The web management interface in Citrix NetScaler 8.0 build 47.8 uses weak encryption XOR of unpadded data to store credentials within a cookie, which makes it easier for remote attackers to obtain cleartext credentials when a cookie is captured via a known-plaintext attack...