185 matches found
CVE-2021-21734
Some PON MDU devices of ZTE stored sensitive information in plaintext, and users with login authority can obtain it by inputing command. This affects: ZTE PON MDU device ZXA10 F821 V1.7.0P3T22, ZXA10 F822 V1.4.3T6, ZXA10 F819 V1.2.1T5, ZXA10 F832 V1.1.1T7, ZXA10 F839 V1.1.0T8, ZXA10 F809 V3.2.1T1...
ZTE PON MDU 加密问题漏洞
ZTE PON MDU is a China ZTE ZTE company's main application for the connection between network backbone switches, as well as network aggregation layer switches access to the network backbone switch core switch. An encryption issue vulnerability exists in ZTE PON MDUs. The vulnerability originates...
GitLab 信息泄露漏洞
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in Gitlab version 11.6 an...
Oclean Mobile Application Encryption Issue Vulnerability
An encryption issue vulnerability exists in Oclean Mobile Application, which arises from a network system or product that does not properly use the relevant cryptographic algorithms, resulting in content that is not properly encrypted, weakly encrypted, and sensitive information stored in plainte...
bcrypt encryption problem vulnerability
bcrypt is a library used in Node.js for encrypting passwords. An encryption issue vulnerability exists in versions of bcrypt prior to 5.0.0. The vulnerability stems from a networked system or product that does not properly use the relevant cryptographic algorithm, resulting in content that is not...
D-Link DIR-865L Information Disclosure Vulnerability (CNVD-2020-33169)
The D-Link DIR-865L is a wireless router from AUO D-Link of Taiwan, China. An information disclosure vulnerability exists in D-Link DIR-865L Ax version 1.20B01 Beta, which originates from the program storing sensitive information in plaintext form. An attacker can exploit this vulnerability to...
GnuTLS Encryption Problem Vulnerability
GnuTLS is a free secure communication library for implementing SSL, TLS and DTLS protocols. An encryption issue vulnerability exists in versions prior to GnuTLS 3.6.13. The vulnerability stems from a network system or product that does not properly use the relevant cryptographic algorithms,...
Unisoon UltraLog Express Sensitive Data Disclosure Vulnerability
Unisoon UltraLog Express is a telephone recording system from Unisoon, Taiwan, China. A security vulnerability exists in Unisoon UltraLog Express, which is caused by the management software storing user information in plaintext. The vulnerability can be exploited by an attacker to gain access to...
It-novum OpenITCOCKPIT Encryption Issues Vulnerability
It-novum OpenITCOCKPIT is a set of open source system monitoring tools from Germany's It-novum. An encryption issue vulnerability exists in It-novum openITCOCKPIT versions prior to 3.7.3. The vulnerability stems from a network system or product that does not properly use the relevant cryptographi...
Broadcom Wi-Fi Devices - 'KR00K Information Disclosure
Kr00ker Experimetal KR00K PoC in python3 using scapy Description: This script is a simple experiment to exploit the KR00K vulnerability CVE-2019-15126, that allows to decrypt some WPA2 CCMP data in vulnerable devices. More specifically this script attempts to retrieve Plaintext Data of WPA2 CCMP...
Opencast Encryption Issues Vulnerabilities
Opencast is a free and open source video management solution that is scalable, customizable and low cost. An encryption issue vulnerability exists in Opencast versions prior to 8.1 and prior to 7.6. The vulnerability stems from a network system or product that does not properly use the relevant...
IBM Security Secret Server Encryption Issue Vulnerability
IBM Security Secret Server is a set of privileged access management solutions from IBM USA. The product supports password management, privileged account identification and privileged session access monitoring and logging. An encryption issue vulnerability exists in IBM Security Secret Server. The...
STMicroelectronics ST33TPHF2ESPI TPM Encryption Issue Vulnerability
The STMicroelectronics ST33TPHF2ESPI TPM is a Trusted Computing Platform Module from STMicroelectronics, Switzerland. A cryptographic issue vulnerability exists in versions of the STMicroelectronics ST33TPHF2ESPI TPM prior to 2019-09-12. The vulnerability stems from a networked system or product...
Fortinet FortiClient Information Disclosure Vulnerability
Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. An information disclosure vulnerability exists in Fortin...
cPanel Information Disclosure Vulnerability (CNVD-2019-28990)
cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. An encryption issue vulnerability exists in versions of cPanel prior to 60.0.25. The vulnerability stems from a network...
Magento encryption issue vulnerability (CNVD-2019-40840)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions . An encryption issue vulnerability exists in Magento version 2.1 before 2.1.18, version 2.2 before 2.2.9, and...
Magento encryption issue vulnerability (CNVD-2019-40837)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions . An encryption issue vulnerability exists in Magento Open Source versions prior to 1.9.4.2 and Magento Commerce...
IBM InfoSphere Information Server on Cloud and IBM Watson Knowledge Catalog Encryption Issue Vulnerability
IBM InfoSphere Information Server on Cloud and IBM Watson Knowledge Catalog are both products of IBM Corporation, U.S.A. IBM InfoSphere Information Server on Cloud is a set of cloud-based data integration platform.IBM Watson Knowledge Catalog is a unified data catalog system. Watson Knowledge...
Orpak SitOmat Encryption Error Vulnerability
Orpak SitOmat is a remote takeover refueling system from Orpak India. A cryptographic error vulnerability exists in Orpak SitOmat that originates when the program passes sensitive information in plaintext, which can be exploited by an attacker to obtain credentials and bypass authentication...
ABUS Secvest Encryption Issues Vulnerabilities
ABUS Secvest FUAA50000 is a wireless remote control from ABUS Germany. An encryption issue vulnerability exists in the ABUS Secvest FUAA50000 using firmware version 3.01.01. The vulnerability stems from a networked system or product that does not properly use the relevant cryptographic algorithms...