25 matches found
CVE-2026-11347
The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors IVs for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with local access can...
CVE-2026-11347
The CVE-2026-11347 entry describes vulnerabilities in the linqi application: hardcoded cryptographic keys and a weak IV-generation mechanism for AES/CBC using a limited ASCII charset. This combination enables known-plaintext attacks and allows an attacker with local access to decrypt obfuscated s...
CVE-2026-11347 Hardcoded Cryptographic Keys and Weak IV Generation in linqi
The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors IVs for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with local access can...
Linqi 安全漏洞
Linqi is an English speaking practice platform developed by the German company Linqi. It combines human language interaction with AI-based feedback. Linqi has a security vulnerability, which stems from hard-coded encryption keys and weak algorithms for generating initialization vectors. This allo...
CVE-2026-50210 Weak Static Cryptographic Initialization Vectors
The device encrypts data using AES-CBC with static zero-filled Initialization Vectors IVs, making it susceptible to replay attacks and known-plaintext decryption...
CVE-2026-50210 Weak Static Cryptographic Initialization Vectors
The device encrypts data using AES-CBC with static zero-filled Initialization Vectors IVs, making it susceptible to replay attacks and known-plaintext decryption...
CVE-2026-5087
CVE-2026-5087 affects PAGI::Middleware::Session::Store::Cookie for Perl, versions up to 0.001003. The root cause is that the store reads random bytes directly from /dev/urandom; if that device is unavailable (e.g., on Windows), it issues a warning and falls back to using the built-in rand() funct...
CVE-2023-31305
Generation of weak and predictable Initialization Vector IV in PMFW Power Management Firmware may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially resulting in information disclosure...
CVE-2022-26083
Generation of weak initialization vector in an IntelR IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access...
EUVD-2019-0751
Malware in sbrugna...
EUVD-2022-30651
Malicious code in bioql PyPI...
CVE-2022-26083
Generation of weak initialization vector in an IntelR IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access...
CVE-2022-26083
Generation of weak initialization vector in an IntelR IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access...
CVE-2022-26083
Generation of weak initialization vector in an IntelR IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access...
CVE-2022-26083
Generation of weak initialization vector in an IntelR IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access...
CVE-2022-26083
Generation of weak initialization vector in an IntelR IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access...
PT-2025-6481 · Intel · Intel Ipp Cryptography
Name of the Vulnerable Software and Affected Versions: IntelR IPP Cryptography software library versions prior to 2021.5 Description: The issue is related to the generation of a weak initialization vector in the IntelR IPP Cryptography software library. This may allow an unauthenticated user to...
CVE-2023-31305
Generation of weak and predictable Initialization Vector IV in PMFW Power Management Firmware may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially resulting in information disclosure...
SUSE CVE-2007-3528
The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...
Intel® IPP Cryptography Advisory
Summary: A potential security vulnerability in an Intel® Integrated Performance Primitives IPP Cryptography software library may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-26083 Description:...