IBM Sterling External Authentication Server Encryption Issue Vulnerability

IBM Sterling External Authentication Server is a client application from International Business Machines IBM that enables extended authentication and verification services for IBM products. A cryptographic issue vulnerability exists in IBM Sterling External Authentication Server version 6.1.0, IB...

WordPress Appointment Hour Booking plugin weak algorithm vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A weak algorithmic...

CVE-2022-34319

IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229463...

The vulnerability in the implementation of the SSLContext class in My Cloud OS operating systems allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the SSLContext class implementation in My Cloud OS networking storage operating systems is related to the choice of a less secure algorithm during negotiation processes. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and...

The vulnerability of the Libgcrypt cryptographic library, which stems from the use of a weak cryptographic algorithm. This allows attackers to gain access to confidential information.

The vulnerability of the Libgcrypt cryptographic library lies in the use of a weak cryptographic algorithm. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to confidential information...

phpMyAdmin Cryptographic Vulnerability

An issue was discovered in phpMyAdmin. When the user does not specify a blowfishsecret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user's...

IBM Cloud Pak System Encryption Issue Vulnerability

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. The product supports cross-hybrid cloud deployment, management, and mobile application environments. IBM Cloud Pak System has an encryption issue vulnerability that stems from t...

IBM Cloud Pak System 加密问题漏洞

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. The product supports cross-hybrid cloud deployment, management, and mobile application environments. IBM Cloud Pak System has an encryption issue vulnerability that stems from t...

IBM Spectrum Scale Encryption Issue Vulnerability (CNVD-2022-63371)

IBM Spectrum Scale is a scalable data and file management solution from IBM based on IBM GPFS an enterprise file management system optimized for petabyte-scale storage management. The product supports helping customers reduce storage costs while improving security and management efficiency in...

PAN-OS: Use of a Weak Cryptographic Algorithm for Stored Password Hashes

Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal non-FIPS-CC operationa...

The vulnerability of the Libgcrypt cryptographic library, which stems from the use of weak cryptographic algorithms, allows attackers to gain access to confidential information.

The vulnerability of the Libgcrypt cryptographic library lies in the use of a weak cryptographic algorithm. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to confidential information within the system...

CVE-2021-46559

The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to defeat an inspection mechanism for integrity protection...

CVE-2021-46559

The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to defeat an inspection mechanism for integrity protection...

Information disclosure

The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to defeat an inspection mechanism for integrity protection...

IBM Security Verify 加密问题漏洞

IBM Security VerifyAccess ISAM is a service from IBM USA that improves user access security. The service enables secure and simple access to platforms such as Web, mobile, IoT, and cloud technologies through the use of risk-based access, single sign-on, integrated access management controls,...

IBM QRadar SIEM Encryption Issue Vulnerability

IBM QRadar SIEM is a U.S.-based solution from IBM that leverages security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture and generates detailed reports on data access and user activity. IBM QRadar ha...

IBM Cloud Pak for Security 加密问题漏洞

IBM Cloud Pak for Security CP4S is an open security platform from IBM that connects to your existing data sources, generates deeper insights, and enables you to act faster with automation. IBM Cloud Pak for Security CP4S suffers from an encryption issue vulnerability in versions 1.7.0.0, 1.7.1.0,...

GHSA-WWVV-X5MQ-H3JJ Use of Cryptographically Weak Pseudo-Random Number Generator in yiisoft/yii2-dev

yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...

Default credentials

Gestsup before 3.2.10 allows account takeover through the password recovery functionality remote. The affected component is the file forgotpwd.php - it uses a weak algorithm for the generation of password recovery tokens the PHP uniqueid function, allowing a brute force attack...

CVE-2021-31646

Gestsup before 3.2.10 allows account takeover through the password recovery functionality remote. The affected component is the file forgotpwd.php - it uses a weak algorithm for the generation of password recovery tokens the PHP uniqueid function, allowing a brute force attack...