CVE-2024-39342

Entrust Instant Financial Issuance formerly known as Cardwizard 6.10.0, 6.9.0, 6.9.1, 6.9.2, and 6.8.x and earlier uses a DLL library i.e. DCG.Security.dll with a custom AES encryption process that relies on static hard-coded key values. These keys are not uniquely generated per installation of t...

EUVD-2019-17742

Malware in sbrugna...

EUVD-2022-28660

Malicious code in bioql PyPI...

Ping Identity Windows PingId 信任管理问题漏洞

Ping Identity Windows PingId is a software from Ping Identity, Inc. that provides security for applications. A vulnerability with trust management issues exists in PingId Integration for Windows Login 2.4.1 and prior versions, which stems from the use of static encryption key material to allow...

AVG Remote Administration Bypass / Code Execution / Static Keys

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple critical vulnerabilities product: AVG Remote Administration vulnerable version: all - except issue 2 fixed version: none - except issue 2 impact: critical...