Lucene search
K

189 matches found

NVD
NVD
added 2024/05/02 2:15 p.m.18 views

CVE-2024-3543

Use of reversible password encryption algorithm allows attackers to decrypt passwords. Sensitive information can be easily unencrypted by the attacker, stolen credentials can be used for arbitrary actions to corrupt the system...

7.5CVSS6.5AI score0.00277EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/02 2:5 p.m.24 views

CVE-2024-3543 LoadMaster Reversible Password Encryption Algorithm

Use of reversible password encryption algorithm allows attackers to decrypt passwords. Sensitive information can be easily unencrypted by the attacker, stolen credentials can be used for arbitrary actions to corrupt the system...

6.4CVSS6.7AI score0.00277EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/02 2:5 p.m.28 views

CVE-2024-3543 LoadMaster Reversible Password Encryption Algorithm

Use of reversible password encryption algorithm allows attackers to decrypt passwords. Sensitive information can be easily unencrypted by the attacker, stolen credentials can be used for arbitrary actions to corrupt the system...

6.4CVSS7AI score0.00277EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.3 views

DELL ECS Connection Manager 安全漏洞

DELL ECS Connection Manager is a software for managing enterprise cloud storage from Dell DELL USA. A security vulnerability exists in DELL ECS Connection Manager that stems from the use of a reversible password encryption algorithm that allows an attacker to decrypt passwords...

7.5CVSS6.5AI score0.00379EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/01/23 12:0 a.m.5 views

The vulnerability of the software protection tool for accessing applications in Docker environments. IBM Security Verify Access Docker, a access management system from IBM Security Verify Access, which involves storing passwords in a reversible format. This allows attackers to exploit the protected information.

The vulnerability of the Docker-based application access control software, IBM Security Verify Access, lies in its password storage mechanism. Exploiting this vulnerability could allow attackers to disclose the protected information...

5.5CVSS6.6AI score0.0021EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2023/07/20 6:15 p.m.17 views

Design/Logic Flaw

Omnis Studio 10.22.00 has incorrect access control. It advertises a feature for making Omnis libraries "always private" - this is supposed to be an irreversible operation. However, due to implementation issues, "always private" Omnis libraries can be opened by the Omnis Studio browser by bypassin...

5CVSS5.3AI score0.01091EPSS
Exploits1References4Affected Software1
Schneier on Security
Schneier on Security
added 2023/02/21 12:14 p.m.11 views

The Insecurity of Photo Cropping

The Intercept has a long article on the insecurity of photo cropping: One of the hazards lies in the fact that, for some of the programs, downstream crop reversals are possible for viewers or readers of the document, not just the files creators or editors. Official instruction manuals, help pages...

2.3AI score
Exploits0
Code423n4
Code423n4
added 2022/10/01 12:0 a.m.10 views

After a swap, user can lose input token amount while receiving no output token amount when output token becomes non-existent

Lines of code Vulnerability details Impact When calling the swap function below, the following safeTransfer function is further called for transferring the corresponding value of token from the pool to the recipient. Note that safeTransfer does not check for the existence of the token contract...

6.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/09/09 4:15 p.m.1 views

CVE-2022-36617

Arq Backup 7.19.5.0 and below stores backup encryption passwords using reversible encryption. This issue allows attackers with administrative privileges to recover cleartext passwords...

4.9CVSS5.9AI score0.00426EPSS
Exploits0References3
OSV
OSV
added 2022/09/09 4:15 p.m.4 views

CVE-2022-36617

Arq Backup 7.19.5.0 and below stores backup encryption passwords using reversible encryption. This issue allows attackers with administrative privileges to recover cleartext passwords...

4.9CVSS5.8AI score0.00426EPSS
Exploits0References2
NVD
NVD
added 2022/09/09 4:15 p.m.18 views

CVE-2022-36617

Arq Backup 7.19.5.0 and below stores backup encryption passwords using reversible encryption. This issue allows attackers with administrative privileges to recover cleartext passwords...

4.9CVSS0.00426EPSS
Exploits0References2
Prion
Prion
added 2022/09/09 4:15 p.m.20 views

Design/Logic Flaw

Arq Backup 7.19.5.0 and below stores backup encryption passwords using reversible encryption. This issue allows attackers with administrative privileges to recover cleartext passwords...

3.3CVSS5.2AI score0.00426EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/09/09 3:33 p.m.63 views

CVE-2022-36617

CVE-2022-36617 affects Arq Backup 7.19.5.0 and earlier, where backup encryption passwords are stored using reversible encryption. The vulnerability allows attackers with administrative privileges to recover cleartext passwords. Documents do not provide any mitigation or a confirmed fix version. N...

4.9CVSS5.1AI score0.00426EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/09 3:33 p.m.26 views

CVE-2022-36617

Arq Backup 7.19.5.0 and below stores backup encryption passwords using reversible encryption. This issue allows attackers with administrative privileges to recover cleartext passwords...

5.5AI score0.00426EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/09/09 12:0 a.m.6 views

PT-2022-23510 · Unknown · Arq Backup

Name of the Vulnerable Software and Affected Versions: Arq Backup versions 7.19.5.0 and below Description: The issue allows attackers with administrative privileges to recover cleartext passwords because Arq Backup stores backup encryption passwords using reversible encryption. Recommendations: F...

4.9CVSS5AI score0.00426EPSS
Exploits0References4
Metasploit
Metasploit
added 2022/07/16 5:42 p.m.1886 views

Decrypt Citrix NetScaler Config Secrets

This module takes a Citrix NetScaler ns.conf configuration file as input and extracts secrets that have been stored with reversible encryption. The module supports legacy NetScaler encryption RC4 as well as the newer AES-256-ECB and AES-256-CBC encryption types. It is also possible to decrypt...

6.9AI score
Exploits0
OSV
OSV
added 2022/05/25 10:34 p.m.31 views

GHSA-67FJ-6W6M-W5J8 Reversible One-Way Hash in io.github.javaezlib:JavaEZ

Impact This weakness allows the force decryption of locked text by hackers. The issue is NOT critical for non-secure applications, however may be critical in a situation where the highest levels of security are required. This issue ONLY affects v1.6 and does not affect anything pre-1.6. Upgrading...

7.5CVSS7.4AI score0.00682EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/25 10:34 p.m.41 views

Reversible One-Way Hash in io.github.javaezlib:JavaEZ

Impact This weakness allows the force decryption of locked text by hackers. The issue is NOT critical for non-secure applications, however may be critical in a situation where the highest levels of security are required. This issue ONLY affects v1.6 and does not affect anything pre-1.6. Upgrading...

7.5CVSS7.1AI score0.00682EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2022/05/24 3:15 p.m.25 views

CVE-2022-29249 Reversible One-Way Hash and Use of a Broken or Risky Cryptographic Algorithm in io.github.javaezlib.JavaEZ

JavaEZ is a library that adds new functions to make Java easier. A weakness in JavaEZ 1.6 allows force decryption of locked text by unauthorized actors. The issue is NOT critical for non-secure applications, however may be critical in a situation where the highest levels of security are required...

7.5CVSS7.6AI score0.00682EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/03/16 12:0 a.m.2 views

Robotronic RunAsSpc 信任管理问题漏洞

Robotronic RunAsSpc is a software that supports running an application without a password in another system account. A security vulnerability exists in Robotronic RunAsSpc 4.0 that stems from the affected product's use of a common and reversible encryption key...

7.5CVSS7.3AI score0.00593EPSS
Exploits0References2
Rows per page
Query Builder