7 matches found
EUVD-2012-5639
Malware in sbrugna...
CVE-2023-22746
CKAN is an open-source DMS (data management system) for powering data hubs and data portals. When creating a new container based on one of the Docker images listed below, the same secret key was being used by default. If the users didn't set a custom value via environment variables in the .env file...
PT-2025-1744 · Ecovacs · Ecovacs Vacuums +1
Name of the Vulnerable Software and Affected Versions: ECOVACS robot lawn mowers and vacuums (affected versions not specified). Description: The issue concerns the use of a shared, static secret key to encrypt BLE GATT messages in ECOVACS robots. This allows an unauthenticated attacker within BLE...
CVE-2023-22746 CKAN is vulnerable to session secret shared across instances using Docker images
CKAN is an open-source DMS (data management system) for powering data hubs and data portals. When creating a new container based on one of the Docker images listed below, the same secret key was being used by default. If the users didn't set a custom value via environment variables in the .env file...
MileSight camera default private key certificate vulnerability
MileSight camera is a network camera produced by Xiamen PulseVision Digital Technology Co. MileSight camera suffers from a default private key certificate vulnerability. Since all cameras share the same secret key, an attacker can exploit the vulnerability to launch a man-in-the-middle attack whe...
CVE-2012-5756
The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2, when a collective configuration is enabled, has a single secret key that is shared across different customers' installations, which allows remote attackers to spoof a container server by (1) sniffing the...
Design/Logic Flaw
The Diffie-Hellman key-exchange implementation in dhm.c in PolarSSL before 0.14.2 does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obtain the shared secret key by modifying network traffic, a related issue to CVE-2011-5095...