CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2018-09-26
Medium
CVE-2018-1785

Updating...
 

 
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 148870.

 
Medium
CVE-2018-1545

Updating...
 

 
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 142649.

 
2018-08-14
Low
CVE-2018-0131

Vendor: Cisco
Software: IOS
 

 
A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 (IKEv1) session. The vulnerability exists because the affected software responds incorrectly to decryption failures. An attacker could exploit this vulnerability sending crafted ciphertexts to a device configured with IKEv1 that uses RSA-encrypted nonces. A successful exploit could allow the attacker to obtain the encrypted nonces. Cisco Bug IDs: CSCve77140.

 
2018-08-13
High
CVE-2018-15124

Vendor: Zipato
Software: Zipabox firmware
 

 
Weak hashing algorithm in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Version -118 allows unauthenticated attacker extract clear text passwords and get root access on the device.

 
2018-08-06
Medium
CVE-2017-1366

Vendor: IBM
Software: Security ide...
 

 
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 126859.

 
2018-06-27
Medium
CVE-2017-16726

Vendor: Beckhoff
Software: Twincat
 

 
Beckhoff TwinCAT supports communication over ADS. ADS is a protocol for industrial automation in protected environments. ADS has not been designed to achieve security purposes and therefore does not include any encryption algorithms because of their negative effect on performance and throughput. An attacker can forge arbitrary ADS packets when legitimate ADS traffic is observable.

 
2018-06-18
Medium
CVE-2018-9028

Updating...
 

 
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking.

 
2018-06-11
Medium
CVE-2018-5184

Vendor: Mozilla
Software: Thunderbird
 

 
Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

 
2018-05-23
Low
CVE-2017-2598

Vendor: Jenkins
Software: Jenkins
 

 
Jenkins before versions 2.44, 2.32.2 uses AES ECB block cipher mode without IV for encrypting secrets which makes Jenkins and the stored secrets vulnerable to unnecessary risks (SECURITY-304).

 
2018-05-18
Low
CVE-2017-9635

Vendor: Schneider-electric
Software: Ampla manufa...
 

 
Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges. When Ampla MES users are configured to use Simple Security, a weakness in the password hashing algorithm could be exploited to reverse the user's password. Schneider Electric recommends that users of Ampla MES versions 6.4 and prior should upgrade to Ampla MES version 6.5 as soon as possible.

 

 


Copyright 2018, cxsecurity.com

 

Back to Top