CVE-2026-11347 Hardcoded Cryptographic Keys and Weak IV Generation in linqi

The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors IVs for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with local access can...

CVE-2026-11347

The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors IVs for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with local access can...

CVE-2023-31305

Generation of weak and predictable Initialization Vector IV in PMFW Power Management Firmware may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially resulting in information disclosure...

CVE-2020-11877

airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector IV for AES-256 CBC encryption. NOTE: the vendor states that this IV is used only within unreachable code...

BT Home Hub管理员口令泄露漏洞

BUGTRAQ ID: 29387 BT Home Hub是家用的无线Internet路由器。 BT Home Hub的最新固件版本添加了一个新的安全功能，允许将默认的管理员口令从admin更改为路由器的序列号，但只要向路由器所在的网络发送MDAP多播请求就可以得到Home Hub的序列号。 如果要利用这个漏洞，攻击者必须通过ethernet或Wi-Fi加入到Home Hub所在的LAN。有两种方式可以入侵到BT Home Hub Wi-Fi网络： - arp回放注入和弱IV破解 - 通过SSID暴力猜测Home Hub的默认WEP密钥列表 British...

SuSE 10 Security Update : openCryptoki (ZYPP Patch Number 4244)

The openCryptoki crypto framework package has been updated to fix a incorrect crypto initialisation which leads to weak IV initial vectors. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...