Lucene search
K

5 matches found

Snyk
Snyk
added 2023/08/13 9:0 p.m.2 views

Insufficient Entropy

Overview Affected versions of this package are vulnerable to Insufficient Entropy via the getKey function, due to inefficient implementation of the AES-256-CBC cryptographic algorithm. The provided encrypt function is less secure when hex encoding and trimming are applied, leaving half of the bit...

5.9CVSS6.9AI score0.00955EPSS
Exploits1References2
Snyk
Snyk
added 2023/08/13 9:0 p.m.3 views

Insufficient Entropy

Overview Affected versions of this package are vulnerable to Insufficient Entropy via the getKey function, due to inefficient implementation of the AES-256-CBC cryptographic algorithm. The provided encrypt function is less secure when hex encoding and trimming are applied, leaving half of the bit...

5.9CVSS6.9AI score0.00955EPSS
Exploits1References2
Snyk
Snyk
added 2023/08/13 9:0 p.m.2 views

Insufficient Entropy

Overview Affected versions of this package are vulnerable to Insufficient Entropy via the getKey function, due to inefficient implementation of the AES-256-CBC cryptographic algorithm. The provided encrypt function is less secure when hex encoding and trimming are applied, leaving half of the bit...

5.9CVSS6.9AI score0.00955EPSS
Exploits1References2
OSV
OSV
added 2018/08/23 2:29 p.m.6 views

CVE-2018-3833

An exploitable firmware downgrade vulnerability exists in Insteon Hub running firmware version 1013. The firmware upgrade functionality, triggered via PubNub, retrieves signed firmware binaries using plain HTTP requests. The device doesn't check the firmware version that is going to be installed...

7.5CVSS5.8AI score0.01119EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2018/08/23 12:0 a.m.10 views

PT-2018-16227 · Insteon · Insteon Hub

Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1013 Description: An exploitable issue exists in the firmware upgrade functionality of the Insteon Hub, triggered via PubNub. The device retrieves signed firmware binaries using plain HTTP requests and does not check the...

8.6CVSS7.8AI score0.01119EPSS
Exploits2References3
Rows per page
Query Builder