189 matches found
EUVD-2023-40691
Malicious code in bioql PyPI...
EUVD-2024-39126
Malicious code in bioql PyPI...
SUSE-SU-2025:03227-1 Security update for krb5
This update for krb5 fixes the following issues: - CVE-2025-3576: weakness in the MD5 checksum design allows for spoofing of GSSAPI-protected messages that are using RC4-HMAC-MD5 bsc1241219. Krb5, as a very old protocol, supported quite a number of ciphers that are not longer up to current...
USN-7542-1 krb5 vulnerability
It was discovered that Kerberos allowed the usage of weak cryptographic standards. An attacker could possibly use this issue to expose sensitive information. This update introduces the allowrc4 and allowdes3 configuration options, and disables the usage of RC4 and 3DES ciphers by default. Users a...
USN-7542-1: Kerberos vulnerability
It was discovered that Kerberos allowed the usage of weak cryptographic standards. An attacker could possibly use this issue to expose sensitive information. This update introduces the allowrc4 and allowdes3 configuration options, and disables the usage of RC4 and 3DES ciphers by default. Users a...
CVE-2023-36748
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...
CVE-2022-48193
Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication SSL...
CVE-2021-32496
SICK Visionary-S CX up version 5.21.2.29154R are vulnerable to an Inadequate Encryption Strength vulnerability concerning the internal SSH interface solely used by SICK for recovering returned devices. The use of weak ciphers make it easier for an attacker to break the security that protects...
CVE-2020-11487
NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contains a vulnerability in the AMI BMC firmware in which the use of a hard-coded RSA 1024 key with weak ciphers may le...
CVE-2020-36363
Amazon AWS CloudFront TLSv1.22019 allows TLSECDHERSAWITHAES128CBCSHA256 and TLSECDHERSAWITHAES256CBCSHA384, which some entities consider to be weak ciphers...
CVE-2019-14332
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is use of weak ciphers for SSH such as diffie-hellman-group1-sha1...
Weak TLS Ciphers on Brocade SANnav port 443 & 18082. (CVE-2024-10405)
Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers on ports 443 and 18082. In case of a successful exploit, an attacker can read Brocade SANnav data stream that includes monitored Brocade Fabric OS switches performance data, port status, zoninginformation, WWNs, IP Addresses, but no...
CVE-2024-41681
A vulnerability has been identified in Location Intelligence family All versions V4.4. The web server of affected products is configured to support weak ciphers by default. This could allow an unauthenticated attacker in an on-path position to to read and modify any data passed over the connectio...
CVE-2024-41681
A vulnerability has been identified in Location Intelligence family All versions V4.4. The web server of affected products is configured to support weak ciphers by default. This could allow an unauthenticated attacker in an on-path position to to read and modify any data passed over the connectio...
CVE-2024-41681
Siemens Location Intelligence (web-based Location Intelligence) is affected for all versions before V4.4. The root issue is that the web server is configured to support weak ciphers by default, enabling an on-path attacker in an adjacent network position to read and modify data between clients an...
CVE-2024-41681
A vulnerability has been identified in Location Intelligence family All versions V4.4. The web server of affected products is configured to support weak ciphers by default. This could allow an unauthenticated attacker in an on-path position to to read and modify any data passed over the connectio...
CVE-2024-41681
A vulnerability has been identified in Location Intelligence family All versions V4.4. The web server of affected products is configured to support weak ciphers by default. This could allow an unauthenticated attacker in an on-path position to to read and modify any data passed over the connectio...
PT-2024-7640 · Unknown · Location Intelligence
Name of the Vulnerable Software and Affected Versions: Location Intelligence versions prior to V4.4 Description: The issue is related to insufficiently strong data encryption. This could allow an unauthenticated attacker in an on-path position to read and modify any data passed over the connectio...
CVE-2024-38867
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions V9.64, SIPROTEC 5 6MD85 CP200 All versions, SIPROTEC 5 6MD85 CP300 All versions V9.64, SIPROTEC 5 6MD86 CP200 All versions, SIPROTEC 5 6MD86 CP300 All versions V9.64, SIPROTEC 5 6MD89 CP300 All versions V9.64, SIPROTEC 5...
CVE-2024-38867
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions V9.64, SIPROTEC 5 6MD85 CP200 All versions, SIPROTEC 5 6MD85 CP300 All versions V9.64, SIPROTEC 5 6MD86 CP200 All versions, SIPROTEC 5 6MD86 CP300 All versions V9.64, SIPROTEC 5 6MD89 CP300 All versions V9.64, SIPROTEC 5...