929 matches found
CVE-2020-35167
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability...
CVE-2020-35167
Technical details for CVE-2020-35167 are not publicly available in the provided documents. Monitor for updates and additional sources.
CVE-2020-35166
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability...
CVE-2020-35166
CVE-2020-35166 affects Dell BSAFE Crypto-C Micro Edition (pre-4.1.5) and Dell BSAFE Micro Edition Suite (pre-4.6) with an Observable Timing Discrepancy Vulnerability. The Initial Description specifies the affected products/versions and that the vulnerability is timing-related, implying potential ...
CVE-2020-35164
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability...
CVE-2020-29506
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability...
CVE-2020-29506
Dell BSAFE Crypto-C Micro Edition (versions before 4.1.5) and Dell BSAFE Micro Edition Suite (versions before 4.5.2) contain an Observable Timing Discrepancy Vulnerability. The issue is documented with concrete vulnerable components and affected versions; upgrading to 4.1.5 and 4.5.2 respectively...
PT-2022-8920 · Dell · Dell Bsafe Crypto-C Micro Edition +1
Name of the Vulnerable Software and Affected Versions: Dell BSAFE Crypto-C Micro Edition versions prior to 4.1.5 Dell BSAFE Micro Edition Suite versions prior to 4.6 Description: The issue is related to an Observable Timing Discrepancy. This means that the time it takes for the software to respon...
PT-2022-8918 · Dell · Dell Bsafe Crypto-C Micro Edition +1
Name of the Vulnerable Software and Affected Versions: Dell BSAFE Crypto-C Micro Edition versions prior to 4.1.5 Dell BSAFE Micro Edition Suite versions prior to 4.6 Description: The issue is related to an Observable Timing Discrepancy, which may allow attackers to exploit the vulnerability...
PT-2022-8914 · Dell · Dell Bsafe Crypto-C Micro Edition +1
Name of the Vulnerable Software and Affected Versions: Dell BSAFE Crypto-C Micro Edition versions prior to 4.1.5 Dell BSAFE Micro Edition Suite versions prior to 4.5.2 Description: The issue is related to an Observable Timing Discrepancy, which may allow for exploitation. The estimated number of...
PT-2022-8919 · Dell · Dell Bsafe Crypto-C Micro Edition +1
Name of the Vulnerable Software and Affected Versions: Dell BSAFE Crypto-C Micro Edition versions prior to 4.1.5 Dell BSAFE Micro Edition Suite versions prior to 4.6 Description: The issue is related to an Observable Timing Discrepancy, which may allow attackers to exploit the vulnerability...
PT-2022-8921 · Dell · Dell Bsafe Crypto-C Micro Edition +1
Name of the Vulnerable Software and Affected Versions: Dell BSAFE Crypto-C Micro Edition versions prior to 4.1.5 Dell BSAFE Micro Edition Suite versions prior to 4.6 Description: The issue is related to an Observable Timing Discrepancy, which may allow attackers to exploit the vulnerability...
CVE-2022-31111 Discrepency in transfer value and actual value due to incorrect truncation in Frontier
Frontier is Substrate's Ethereum compatibility layer. In affected versions the truncation done when converting between EVM balance type and Substrate balance type was incorrectly implemented. This leads to possible discrepancy between appeared EVM transfer value and actual Substrate value...
lender variable in is not the same as constructory and method in the construcotr ther is no check for address zero
Lines of code Vulnerability details Impact lender variable not the same as constructory and method its no check for address zero Recommended Mitigation Steps check for address zero in the constructor --- The text was updated successfully, but these errors were encountered: 😕 1 KenzoAgada reacted...
Observable timing discrepancy allows determining username validity in Jenkins
In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm. This...
CVE-2022-34174
In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm...
CVE-2022-34174
In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm...
CVE-2022-34174
In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm...
Default credentials
In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm...
FreeBSD : jenkins -- multiple vulnerabilities (25be46f0-f25d-11ec-b62a-00e081b7aa2d)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 25be46f0-f25d-11ec-b62a-00e081b7aa2d advisory. - In Jenkins 2.320 through 2.355 both inclusive and LTS 2.332.1 through LTS 2.332.3 both...