12 matches found
PT-2026-56040
Name of the Vulnerable Software and Affected Versions Minosoft affected versions supporting Minecraft protocol 1.7 and later Description The CryptManager encryption routine in CryptManager.kt initializes its AES cipher using an initialization vector IV that is set equal to the secret key instead ...
EUVD-2013-6917
Malware in sbrugna...
EUVD-2013-3643
Malware in sbrugna...
EUVD-2023-26864
Malicious code in bioql PyPI...
EUVD-2025-21027
Malicious code in bioql PyPI...
CVE-2025-26521
When an Apache CloudStack user-account creates a CKS-based Kubernetes cluster in a project, the API key and the secret key of the 'kubeadmin' user of the caller account are used to create the secret config in the CKS-based Kubernetes cluster. A member of the project who can access the CKS-based...
CVE-2020-24622
In Sonatype Nexus Repository 3.26.1, an S3 secret key can be exposed by an admin user...
GHSA-753P-WRJ5-G8FJ PQClean has a correctness error in HQC decapsulation
Impact A correctness error has been identified in the reference implementation of the HQC key encapsulation mechanism. Due to an indexing error, part of the secret key is incorrectly treated as non-secret data. This results in an incorrect shared secret value being returned when the decapsulation...
CVE-2024-54137 liboqs has a correctness error in HQC decapsulation
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A correctness error has been identified in the reference implementation of the HQC key encapsulation mechanism. Due to an indexing error, part of the secret key is incorrectly treat...
CVE-2023-22746
CVE-2023-22746 affects CKAN Docker-based deployments where a default, shared secret key is used across multiple instances unless overridden in the container’s .env. The vulnerability allows forging authentication requests between CKAN instances when the default secret key is not customized. Affec...
CVE-2015-0922
McAfee ePolicy Orchestrator ePO before 4.6.9 and 5.x before 5.1.2 uses the same secret key across different customers' installations, which allows attackers to obtain the administrator password by leveraging knowledge of the encrypted password...
CVE-2005-4002
WebEOC before 6.0.2 uses the same secret key for all installations, which allows attackers with the key to decrypt data from any WebEOC installation...