CVE-2025-34099

An unauthenticated command injection vulnerability exists in VICIdial versions 2.9 RC1 through 2.13 RC1, within the vicidialsalesviewer.php component when password encryption is enabled a non-default configuration. The application improperly passes the HTTP Basic Authentication password directly ...

CVE-2020-36201

An issue was discovered in certain Xerox WorkCentre products. They do not properly encrypt passwords. This affects 3655, 3655i, 58XX, 58XXi 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices...

CVE-2019-13022

Bond JetSelect all versions has an issue in the Java class ENCtool.jar and corresponding password generation algorithm used to set initial passwords upon first installation. It XORs the plaintext into the 'encrypted' password that is then stored within the database. These steps are able to be...

Linux Distros Unpatched Vulnerability : CVE-2013-7252

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier fo...

Arista Networks MOS 加密问题漏洞

Arista Networks MOS is a fully programmable and highly modular Linux-based network operating system from Arista Networks, Inc. that uses the familiar industry-standard CLI and runs a single binary software image in the Arista switch family. The vulnerability stems from the fact that the product...

CVE-2012-4571

Python Keyring 0.9.1 does not securely initialize the cipher when encrypting passwords for CryptedFileKeyring files, which makes it easier for local users to obtain passwords via a brute-force attack...