Timing Attack

github.com/hashicorp/vault is vulnerable to timing attacks. The application is vulnerable because they do not compare nonces in constant-time, which allows attackers to use the timing of the request to progressively identify a valid nonce...

Smooth Slider <= 2.8.6 - Authenticated SQL Injection

During the security analysis, ThunderScan discovered SQL injection vulnerability in Smooth Slider WordPress plugin. The easiest way to reproduce the vulnerability is to visit the provided URL while being logged in as administrator or another user that is authorized to access the plugin settings...

WordPress Clean Up Optimizer 4.0.0 SQL Injection Vulnerability

WordPress Clean Up Optimizer plugin versions 4.0.0 and below suffer from a remote SQL injection vulnerability. Advisory Title: WordPress Clean Up Optimizer Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Clean Up Optimizer plugin Language:...

PEPPERL+FUCHS/ecom instruments WLAN Capable Devices using the WPA2 Protocol

CVSS v3 8.1 ATTENTION: Low skill level is needed to exploit. Public exploits are available. Vendor: PEPPERL+FUCHS/ecom instruments Equipment: WLAN capable devices using the WPA2 Protocol Vulnerabilities: Reusing a Nonce AFFECTED PRODUCTS PEPPERL+FUCHS/ecom instruments reports that these...

PHOENIX CONTACT WLAN Capable Devices using the WPA2 Protocol

CVSS v3 6.8 ATTENTION: Public exploits are available. Vendor: PHOENIX CONTACT Equipment: WLAN capable devices using the WPA2 Protocol Vulnerabilities: Reusing a Nonce AFFECTED PRODUCTS PHOENIX CONTACT reports that these vulnerabilities affect all versions of the following WLAN capable devices usi...

tchimberaid.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-399555 Description| Value ---|--- Affected Website:| tchimberaid.com Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Remediation Guide:| OWASP Open Redirect Cheat Sheet...

downtownmarion.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-399481 Description| Value ---|--- Affected Website:| downtownmarion.com Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Remediation Guide:| OWASP Open Redirect Cheat Sheet...

Internet Bug Bounty: Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse

Full background information is at krackattacks.com and all detailed information can be found in our research paper. Key Reinstallation Attack: 4-way handshake example We use the 4-way handshake to illustrate the idea behind key reinstallation attacks CVE-2017-13077. Note that in practice, all...

Rockwell Automation Stratix 5100 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.9 ATTENTION: Exploitable remotely/public exploits are available Vendor: Rockwell Automation Equipment: Stratix 5100 Wireless Access Point/Workgroup Bridge Vulnerability: Reusing a Nonce 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...

Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse

Overview Wi-Fi Protected Access WPA, more commonly WPA2 handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a wireless access point AP or client. An attacker within range of an affected AP and client may leverage these vulnerabilities to...

WordPress Simple Login Log 1.1.1 SQL Injection Vulnerability

WordPress Simple Login Log plugin version 1.1.1 suffers from multiple remote SQL injection vulnerabilities. Advisory Title: WordPress Simple Login Log Plugin Multiple SQL A Injection Security Vulnerabilities Advisory URL:A A http://www.defensecode.com/advisories.php Software:A A A A A A WordPress...

WordPress Content Audit 1.9.1 Cross Site Request Forgery / Cross Site Scripting Vulnerabilities

WordPress Content Audit plugin version 1.9.1 suffers from cross site request forgery and cross site scripting vulnerabilities. Details ================ Software: Content Audit Version: 1.9.1 Homepage: https://wordpress.org/plugins/content-audit/ Advisory report:...

WordPress Content Audit 1.9.1 Cross Site Request Forgery / Cross Site Scripting

Details ================ Software: Content Audit Version: 1.9.1 Homepage: https://wordpress.org/plugins/content-audit/ Advisory report: https://security.dxw.com/advisories/csrf-xss-content-audit/ CVE: Awaiting assignment CVSS: 5.8 Medium; AV:N/AC:M/Au:N/C:P/I:P/A:N Description ================...

Moxa AWK-3131A Web Application Nonce Reuse Vulnerability(CVE-2016-8712)

Summary An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds. Teste...

CVE-2017-14423

htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 devices does not prevent unauthenticated nonce-guessing attacks, which makes it easier for remote attackers to change the DNS configuration via a series of requests...

CVE-2017-14423

htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 devices does not prevent unauthenticated nonce-guessing attacks, which makes it easier for remote attackers to change the DNS configuration via a series of requests...

Code injection

htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 devices does not prevent unauthenticated nonce-guessing attacks, which makes it easier for remote attackers to change the DNS configuration via a series of requests...

CVE-2017-14423

htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 devices does not prevent unauthenticated nonce-guessing attacks, which makes it easier for remote attackers to change the DNS configuration via a series of requests...

PT-2017-13467 · D Link · D-Link Dir-850L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-850L REV. A versions through FW114WWb07 h2ab beta1 Description: The issue allows remote attackers to change the DNS configuration via a series of requests, due to the failure to prevent unauthenticated nonce-guessing attacks in the...

Updated dbus packages fix security vulnerabilities

A format string vulnerability in the reference bus implementation, dbus-daemon, could potentially allow local users to cause arbitrary code execution or denial of service. Symlink attack in nonce-tcp transport bsc1025950. Symlink attack in unit tests bsc1025951...