Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data version 5.2.2 Vulnerability Details CVEID:CVE-2025-45767 DESCRIPTION: jose v6.0.10 was discovered to contain weak encryption. NOTE: this is disputed by a third party because the claim o...

EUVD-2011-1217

Malware in sbrugna...

EUVD-2025-23305

Malicious code in bioql PyPI...

IBM Security Verify Governance 加密问题漏洞

IBM Security Verify Governance is an intelligent identity access platform from International Business Machines IBM, Inc. provides organizations with a platform to analyze, define and control user access and access risk. A security vulnerability exists in IBM Security Verify Governance, Identity...

PT-2022-5294 · Ibm · Ibm Cics Tx Standard +1

Name of the Vulnerable Software and Affected Versions: IBM CICS TX Standard and Advanced version 11.1 Description: The issue is related to errors in data encryption. It could allow a remote attacker to gain unauthorized access to protected information. The problem arises from the use of weaker th...

IBM Security Guardium Weak Encryption Algorithm Vulnerability

IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A weak cryptographic algorithm vulnerability exists in IBM Security...

IBM Data Risk Manager Weak Encryption Algorithm Vulnerability

IBM Data Risk Manager is a data risk manager that helps discover, analyze and visualize business risks associated with data. A weak cryptographic algorithm vulnerability exists in IBM Data Risk Manager 2.0.6. An attacker could exploit the vulnerability to decrypt sensitive information...

Zoom Client < 4.6.10 Weak Encryption

The version of the Zoom Client installed on the remote host is prior to 4.6.10. It is, therefore, affected by a weak encryption vulnerability. Zoom Client for Meetings through 4.6.9 uses the ECB mode of AES for video and audio encryption. Within a meeting, all participants use a single 128-bit ke...

Philips IntelliBridge EC40 Hub and IntelliBridge EC80 Hub Encryption Issue Vulnerability

The Philips IntelliBridge EC40 Hub and IntelliBridge EC80 Hub are both monitor modules from Philips Europe. A weak encryption vulnerability exists in the Philips IntelliBridge EC40 Hub and IntelliBridge EC80 Hub, which can be exploited by an attacker to gain unauthorized access to the EC40/80 hub...

IBM DataPower Gateways Weak Encryption Algorithm Vulnerability

IBM DataPower Gateways is a suite of security and integration platforms from IBM USA designed specifically for mobile, cloud, application programming interfaces APIs, web, service-oriented architecture SOA, B2B, and cloud workloads that protects, integrates, and optimizes access across channels...

IBM Security Access Manager Information Disclosure Vulnerability (CNVD-2017-09516)

IBM Security Access Manager is a product for information security management applications from IBM, USA. The product enables access management control through integrated devices for web, mobile and cloud computing. An information disclosure vulnerability exists in IBM Security Access Manager...

Samsung KNOX Weak Encryption Vulnerability

Samsung KNOX is a set of enterprise mobile security solutions based on the Android platform from Samsung South Korea. The program offers features such as device protection, management and development options. A security vulnerability exists in version 1.0 of Samsung KNOX on the Android 4.3-based...

PT-2014-18: Weak encryption of account data in Wonderware Information Server

The specialists of the Positive Research center have detected a Weak encryption of account data vulnerability in Wonderware Information Server. Encryption of WIS is insufficient. This vulnerability could allow elevation of privileges if an attacker decrypts the credentials. The system would need ...

CVE-2005-0322

CVE-2005-0322 affects MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 and Mail Server 7.6.4r with Icewarp Mail Server 5.3.2. The issue is weak encryption in the configuration and data files (users.cfg, settings.cfg, users.dat, user.dat), which allows local users to extract stored passwords. T...

Ogopogo Autothenticate 1.1.5 - Weak Password Encryption

source: https://www.securityfocus.com/bid/552/info Autothenticate is an extension for MacOS that remembers usernames and passwords from visited websites, and atomatically enters them when the site is visited again. It can be configured to store the username and password, the username only, or...

Novell Netware 4.1/4.11 - SP5B Remote.NLM Weak Encryption

source: https://www.securityfocus.com/bid/482/info The encrypted passwords for Remote.NLM are remotely accessible to anyone with the ability to view SYS:System\LDRemote.NCF. The password encryption algorithm for Remote.NLM has been broken and can be decrypted with pencil and paper. The password...

Novell Netware 4.14.11 - SP5B Remote.NLM Weak Encryption

Novell Netware 4.14.11 - SP5B Remote.NLM Weak Encryption source: https://www.securityfocus.com/bid/482/info The encrypted passwords for Remote.NLM are remotely accessible to anyone with the ability to view SYS:System\LDRemote.NCF. The password encryption algorithm for Remote.NLM has been broken a...