Show filters
183 Total Results
Displaying 51-60 of 183
Sort by:
Attacker Value
Unknown

CVE-2021-37588

Disclosure Date: July 30, 2021 (last updated February 23, 2025)
In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data.
Attacker Value
Unknown

CVE-2021-37587

Disclosure Date: July 30, 2021 (last updated February 23, 2025)
In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data.
Attacker Value
Unknown

CVE-2021-20337

Disclosure Date: July 23, 2021 (last updated February 23, 2025)
IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 194448.
Attacker Value
Unknown

CVE-2021-2351

Disclosure Date: July 21, 2021 (last updated February 23, 2025)
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Advanced Networking Option, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Advanced Networking Option. Note: The July 2021 Critical Patch Update introduces a number of Native Network Encryption changes to deal with vulnerability CVE-2021-2351 and prevent the use of weaker ciphers. Customers should review: "Changes in Native Network Encryption with the July 2021 Critical Patch Update" (Doc ID 2791571.1). CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/A…
0
Attacker Value
Unknown

CVE-2021-34687

Disclosure Date: July 15, 2021 (last updated February 23, 2025)
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution cipher.
Attacker Value
Unknown

CVE-2021-20497

Disclosure Date: July 13, 2021 (last updated February 23, 2025)
IBM Security Verify Access Docker 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 197969
Attacker Value
Unknown

CVE-2021-29794

Disclosure Date: July 09, 2021 (last updated February 23, 2025)
IBM Tivoli Netcool/Impact 7.1.0.20 and 7.1.0.21 uses an insecure SSH server configuration which enables weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 203556.
Attacker Value
Unknown

CVE-2021-20379

Disclosure Date: July 06, 2021 (last updated February 23, 2025)
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195711.
Attacker Value
Unknown

CVE-2021-20566

Disclosure Date: June 15, 2021 (last updated February 22, 2025)
IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 199238.
Attacker Value
Unknown

CVE-2020-26515

Disclosure Date: June 08, 2021 (last updated February 22, 2025)
An insufficiently protected credentials issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. The remember-me cookie (CB_LOGIN) issued by the application contains the encrypted user's credentials. However, due to a bug in the application code, those credentials are encrypted using a NULL encryption key.