CVE-2015-8013

CVE-2015-8013 concerns s2k.js in OpenPGP.js, where crafted PGP keys can be decrypted regardless of the provided passphrase, enabling an attacker to bypass authentication if message decryption is used as an authentication mechanism. The concrete technical detail across the connected documents iden...

The German e-Government communications system components there are multiple serious vulnerabilities can lead to government exchange of data breach-vulnerability warning-the black bar safety net

! The G20 Summit on the eve of the German vigorously strengthen the network security and the establishment of the all-Weather command center, and most recently, the SEC-Consult security researchers found that the German e-Government communications library Online Services computer interface the OS...

Communication message decryption vulnerability exists in the Voyager Android app

The Voyager Android app is a mobile app for buying airline tickets. A communication message decryption vulnerability exists in the TravelSense Android app. The vulnerability stems from fixed-key hardcoding, which can be exploited by an attacker to crack the encryption algorithm and break other...

OpenSC crypto vulnerability

pkcs11-tool invalid keys generation allows message decryption...

Authentication flaw

The WSEE runtime WS-Security runtime in BEA WebLogic Server 9.0 and 9.1 does not verify credentials when decrypting client messages, which allows remote attackers to bypass application security...

CVE-2005-3256

The key selection dialogue in Enigmail before 0.92.1 can incorrectly select a key with a user ID that does not have additional information, which allows parties with that key to decrypt the message...