929 matches found
CVE-2019-5135
An exploitable timing discrepancy vulnerability exists in the authentication functionality of the Web-Based Management WBM web application on WAGO PFC100/200 controllers. The WBM application makes use of the PHP crypt function which can be exploited to disclose hashed user credentials. This affec...
Authentication flaw
An exploitable timing discrepancy vulnerability exists in the authentication functionality of the Web-Based Management WBM web application on WAGO PFC100/200 controllers. The WBM application makes use of the PHP crypt function which can be exploited to disclose hashed user credentials. This affec...
CVE-2019-5135
An exploitable timing discrepancy vulnerability exists in the authentication functionality of the Web-Based Management WBM web application on WAGO PFC100/200 controllers. The WBM application makes use of the PHP crypt function which can be exploited to disclose hashed user credentials. This affec...
WAGO PFC100/200 Web-Based Management (WBM) Authentication Timing Information Disclosure Vulnerability
Summary An exploitable timing discrepancy vulnerability exists in the authentication functionality of the Web-Based Management WBM web application on WAGO PFC100/200 controllers. The WBM application makes use of the PHP crypt function which can be exploited to disclose hashed user credentials...
Exploit for Observable Discrepancy in Spip
CVE-2019-16394 A simple POC python script of CVE-2019-16394...
RUSTSEC-2020-0156 Observable Discrepancy in libsecp256k1-rs
A timing vulnerability in the Scalar::checkoverflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack...
Observable Discrepancy in libsecp256k1-rs
A timing vulnerability in the Scalar::checkoverflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack...
CVE-2019-16761
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the [email protected] npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. All versions 1.0....
CVE-2019-16762
CVE-2019-16762 describes a discrepancy between SLP consensus rules and slpjs validation caused by specially crafted Bitcoin scripts, enabling a potential hard-fork from the SLP consensus. Multiple linked sources identify slpjs as the affected component and show that upgrading to version 0.21.4 or...
GHSA-425C-CCF3-3JRR Critical severity vulnerability that affects slpjs
Validator parsing discrepancy due to string encoding Impact A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a...
CVE-2019-3732
RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 in 4.0.x and versions prior to 4.1.3.3 in 4.1.x, and RSA Micro Edition Suite, versions prior to 4.0.11 in 4.0.x versions prior to 4.1.6.1 in 4.1.x and versions prior to 4.3.3 4.2.x and 4.3.x are vulnerable to an Information Exposure...
CVE-2019-3731
RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of...
CVE-2019-3731
RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of...
Information disclosure
RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 in 4.0.x and versions prior to 4.1.3.3 in 4.1.x, and RSA Micro Edition Suite, versions prior to 4.0.11 in 4.0.x versions prior to 4.1.6.1 in 4.1.x and versions prior to 4.3.3 4.2.x and 4.3.x are vulnerable to an Information Exposure...
Information disclosure
RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of...
CVE-2019-3731
The CVE-2019-3731 entry affects Dell RSA BSAFE Crypto-C Micro Edition and RSA Micro Edition Suite. Affected versions are Crypto-C Micro Edition before 4.1.4 and Micro Edition Suite before 4.4. The issue is an Information Disclosure Through Timing Discrepancy, enabling a remote attacker to potenti...
CVE-2019-3732
RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 in 4.0.x and versions prior to 4.1.3.3 in 4.1.x, and RSA Micro Edition Suite, versions prior to 4.0.11 in 4.0.x versions prior to 4.1.6.1 in 4.1.x and versions prior to 4.3.3 4.2.x and 4.3.x are vulnerable to an Information Exposure...
CVE-2019-3732
CVE-2019-3732 affects Dell RSA BSAFE Crypto-C Micro Edition (pre-4.0.5.3 in 4.0.x and pre-4.1.3.3 in 4.1.x) and Dell RSA BSAFE Micro Edition Suite (pre-4.0.11 in 4.0.x, pre-4.1.6.1 in 4.1.x, pre-4.3.3 in 4.2.x/4.3.x). The vulnerability is an Information Disclosure Through Timing Discrepancy, allo...
CVE-2019-3731
RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of...
CVE-2019-3740
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys...