EUVD-2024-24400

Malicious code in bioql PyPI...

CVE-2024-27159 Hardcoded password used to encrypt logs

All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for th...

CVE-2024-27159 Hardcoded password used to encrypt logs

All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for th...

PT-2024-21693 · Toshiba · Toshiba Printers

Name of the Vulnerable Software and Affected Versions: Toshiba printers affected versions not specified Description: The issue concerns a shell script in Toshiba printers that uses a hardcoded key for log encryption. An attacker can exploit this by decrypting the encrypted files using the hardcod...

PT-2024-21691 · Toshiba · Toshiba Printers

Name of the Vulnerable Software and Affected Versions: Toshiba printers affected versions not specified Description: The issue concerns a shell script in Toshiba printers that uses a hardcoded key for log encryption. An attacker can exploit this by decrypting the encrypted files using the hardcod...

CVE-2023-31135

CVE-2023-31135 affects Dgraph audit logs due to nonce collisions in the log encryption scheme. The first 12 bytes come from a baseIv, and the last 4 bytes from the log line length; because log lines often share the same length, nonces are reused. All audit logs generated by versions

CVE-2023-31135 Dgraph Audit Log Encryption nonce reuse

Dgraph is an open source distributed GraphQL database. Existing Dgraph audit logs are vulnerable to brute force attacks due to nonce collisions. The first 12 bytes come from a baseIv which is initialized when an audit log is created. The last 4 bytes come from the length of the log line being...

CVE-2019-9975

DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key...

CVE-2019-9975

DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key...

Hardcoded credentials

DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key...

SQL General-purpose anti injection system asp version of vulnerability-vulnerability warning-the black bar safety net

Tonight the group of friends called to see a station, there is a sql anti injection, around however, but have found that recording the wrong file sqlin. asp. ! Since doing the recording, and then view its log file ! So thinking about the structure of the asp word written into it, in front of...