Information disclosure

A vulnerability, which was classified as problematic, was found in viafintech Barzahlen Payment Module PHP SDK up to 2.0.0. Affected is the function verify of the file src/Webhook.php. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The...

CVE-2016-15015 viafintech Barzahlen Payment Module PHP SDK Webhook.php verify timing discrepancy

A vulnerability, which was classified as problematic, was found in viafintech Barzahlen Payment Module PHP SDK up to 2.0.0. Affected is the function verify of the file src/Webhook.php. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The...

CVE-2014-125056

A vulnerability was found in Pylons horus and classified as problematic. Affected by this issue is some unknown functionality of the file horus/flows/local/services.py. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitation is known t...

Design/Logic Flaw

A vulnerability was found in Pylons horus and classified as problematic. Affected by this issue is some unknown functionality of the file horus/flows/local/services.py. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitation is known t...

easy-scrypt Observable Timing Discrepancy vulnerability

A vulnerability, which was classified as problematic, was found in agnivade easy-scrypt. Affected is the function VerifyPassphrase of the file scrypt.go. The manipulation leads to observable timing discrepancy. Upgrading to version 1.0.0 can address this issue. The name of the patch is...

GHSA-R894-5R7V-7RX3 easy-scrypt Observable Timing Discrepancy vulnerability

A vulnerability, which was classified as problematic, was found in agnivade easy-scrypt. Affected is the function VerifyPassphrase of the file scrypt.go. The manipulation leads to observable timing discrepancy. Upgrading to version 1.0.0 can address this issue. The name of the patch is...

CVE-2014-125055

A vulnerability, which was classified as problematic, was found in agnivade easy-scrypt. Affected is the function VerifyPassphrase of the file scrypt.go. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitability is told to be difficult...

Design/Logic Flaw

A vulnerability, which was classified as problematic, was found in agnivade easy-scrypt. Affected is the function VerifyPassphrase of the file scrypt.go. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitability is told to be difficult...

CVE-2014-125056

CVE-2014-125056 affects Pylons Horus, specifically an unknown functionality in the file horus/flows/local/services.py where manipulation leads to an observable timing discrepancy. The sources consistently describe high attack complexity and difficult exploitation. A patch identified as fd56ccb62c...

CVE-2014-125056 Pylons horus services.py timing discrepancy

A vulnerability was found in Pylons horus and classified as problematic. Affected by this issue is some unknown functionality of the file horus/flows/local/services.py. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitation is known t...

CVE-2014-125056 Pylons horus services.py timing discrepancy

A vulnerability was found in Pylons horus and classified as problematic. Affected by this issue is some unknown functionality of the file horus/flows/local/services.py. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitation is known t...

CVE-2014-125055 agnivade easy-scrypt scrypt.go VerifyPassphrase timing discrepancy

A vulnerability, which was classified as problematic, was found in agnivade easy-scrypt. Affected is the function VerifyPassphrase of the file scrypt.go. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitability is told to be difficult...

CVE-2014-125055

The CVE concerns the Go library agnivade/easy-scrypt. Affected is the VerifyPassphrase function in scrypt.go, where an observable timing discrepancy is introduced due to the underlying implementation flaw. Per multiple sources, upgrading to version 1.0.0 fixes the issue (patch: 477c10cf3b144ddf96...

Observable Timing Discrepancy

A vulnerability, which was classified as problematic, was found in agnivade easy-scrypt. Affected is the function VerifyPassphrase of the file scrypt.go. The manipulation leads to observable timing discrepancy. Upgrading to version 1.0.0 is able to address this issue. The name of the patch is...

PT-2023-10126 · Unknown · Pylons Horus

Name of the Vulnerable Software and Affected Versions: Pylons horus affected versions not specified Description: A vulnerability was found in Pylons horus, classified as problematic, affecting some unknown functionality of the file horus/flows/local/services.py. The manipulation leads to observab...

horus 安全漏洞

horus is a Pyramid Web framework user registration and login system open-sourced by Pylons Project. A security vulnerability exists in Pylons horus. An attacker exploited the vulnerability to cause an observable time discrepancy...

PT-2023-10125 · Agnivade · Easy-Scrypt

Name of the Vulnerable Software and Affected Versions: agnivade easy-scrypt versions prior to 1.0.0 Description: A vulnerability was found in agnivade easy-scrypt, affecting the VerifyPassphrase function of the file scrypt.go. The manipulation leads to observable timing discrepancy. The complexit...

Design/Logic Flaw

A vulnerability classified as problematic was found in Ziftr primecoin up to 0.8.4rc1. Affected by this vulnerability is the function HTTPAuthorized of the file src/bitcoinrpc.cpp. The manipulation of the argument strUserPass/strRPCUserColonPass leads to observable timing discrepancy. The...

CVE-2013-10006

Affected software: Ziftr primecoin up to 0.8.4rc1. The issue is in HTTPAuthorized in src/bitcoinrpc.cpp, where manipulation of the arguments strUserPass/strRPCUserColonPass leads to observable timing discrepancies. Exploitation complexity is described as high and exploitation appears difficult. R...

CVE-2013-10006 Ziftr primecoin bitcoinrpc.cpp HTTPAuthorized timing discrepancy

A vulnerability classified as problematic was found in Ziftr primecoin up to 0.8.4rc1. Affected by this vulnerability is the function HTTPAuthorized of the file src/bitcoinrpc.cpp. The manipulation of the argument strUserPass/strRPCUserColonPass leads to observable timing discrepancy. The...