SAP NetWeaver 加密问题漏洞

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform primarily provides a development and runtime environment for SAP applications. SAP NetWeaver is vulnerable to a cryptographic issue that arises from the use of outdated encryption...

EUVD-2025-26119

Malicious code in bioql PyPI...

CVE-2025-31977

HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms. An attacker with network access could exploit this weakness to decrypt or manipulate encrypted communications under certain conditions...

CVE-2025-31977 A cryptographic weakness has been identified in the HCL BigFix Service Management (SM)

HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms. An attacker with network access could exploit this weakness to decrypt or manipulate encrypted communications under certain conditions...

CVE-2025-31977

CVE-2025-31977 concerns HCL BigFix SM and describes a cryptographic weakness due to weak or outdated encryption algorithms. The documents state that an attacker with network access could decrypt or manipulate encrypted communications under certain conditions. The NVD entry and Red Hat advisory co...

PT-2025-35108

Name of the Vulnerable Software and Affected Versions: HCL BigFix SM affected versions not specified Description: HCL BigFix SM is affected by a cryptographic weakness due to weak or outdated encryption algorithms. An attacker with network access could exploit this weakness to decrypt or manipula...

Broadcom SANnav 安全漏洞

Broadcom SANnav is a suite of SAN management platforms from Broadcom Corporation USA. A security vulnerability exists in Broadcom SANnav that stems from the use of outdated or risky encryption algorithms...

CVE-2024-7295

In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...

PLANET switch devices 安全漏洞

PLANET switch devices are a series of switch devices from PLANET China. A security vulnerability exists in PLANET switch devices that stems from the fact that the SNMPv3 service only supports outdated authentication protocols and encryption protocols, allowing an attacker to potentially obtain...

Hardcoded credentials

SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm TEA with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...

CVE-2023-34130

SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm TEA with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...

IBM QRadar Incident Forensics Information Disclosure Vulnerability (CNVD-2018-25037)

IBM QRadar Incident Forensics is a suite of security forensic investigation software from IBM. The software supports in-depth forensic investigations of suspected malicious network security incidents, and the repair of network security vulnerabilities. A security vulnerability exists in IBM QRada...

Vulnerable and pointless password storage on client computers

Given the following: -http://confluence.atlassian.com/display/DOC/Confluence+Cookies, which says "a one-way hash of the user's password" is stored in a browser cookie on the user's computer. -CSP-29692 case I opened with Atlassian support, which explained that EncryptionUtils.java is used to...