38 matches found
CVE-2023-2473 Dreamer CMS Password Hash Calculation UserController.java updatePwd algorithmic complexity
A vulnerability was found in Dreamer CMS up to 4.1.3. It has been declared as problematic. This vulnerability affects the function updatePwd of the file UserController.java of the component Password Hash Calculation. The manipulation leads to inefficient algorithmic complexity. The attack can be...
PT-2023-19753 · Unknown · Dreamer Cms
Name of the Vulnerable Software and Affected Versions: Dreamer CMS versions up to 4.1.3 Description: A vulnerability was found in the Password Hash Calculation component, specifically affecting the updatePwd function of the UserController.java file. This issue leads to inefficient algorithmic...
Debian DSA-5315-1 : libxstream-java - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dsa-5315 advisory. XStream serializes Java objects to XML and back again. Versions prior to 1.4.15-3+deb11u2 may allow a remote attacker to terminate the application with a stack overflow...
[SECURITY] [DLA 3267-1] libxstream-java security update
Debian LTS Advisory DLA-3267-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 11, 2023 https://wiki.debian.org/LTS Package : libxstream-java Version : 1.4.11.1-1+deb10u4 CVE ID : CVE-2022-41966 Debian Bug : 1027754 XStream serializes Java objects to XML a...
libgcrypt security update
1.8.5-7fips - Add API to provide hash calculation in RSA/DSA/ECDSA signature operations Orabug: 33081130 - Change Epoch from 1 to 10 1.8.5-7 - Fix CVE-2021-33560 2018525...
The vulnerability of the PAN-OS operating system, related to insufficient calculation of password hashes, allows attackers to gain unauthorized access to protected information.
The vulnerability of the PAN-OS operating system is related to insufficient calculation of password hashes. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
libgcrypt security update
1.8.5-6fips - Add API to provide hash calculation in RSA/DSA/ECDSA signature operations Orabug: 33081130 - Change Epoch from 1 to 10 1.8.5-6 - Fix for CVE-2021-33560 1971421 - Enable HW optimizations in FIPS 1976137 - Performance enhancements for ChaCha20 and Poly1305 1855231 1.8.5-5 - Performan...
cancel() calculates hashTx in the wrong way
Handle gpersoon Vulnerability details Impact The function cancel of contract QuickAccManager uses the wrong way to calculate the hash that has to be cancelled. It uses: "bytes32 hashTx = keccak256(abi.encode(address(this), block.chainid, accHash, nonce, txns));" Where it should use "bytes32 hash =...
The vulnerability of the fly-fm file manager, related to insufficient validation of input data, allows a hacker to trigger a service failure.
The vulnerability of the fly-fm file manager is related to incorrect calculation of MD5 in the program window. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
Blizmax Flamingoim Path Traversal Vulnerability
Blizmax Flamingoim is a high-performance, lightweight, open source instant messaging software from the individual developers at Blizmax. A path traversal vulnerability exists in Blizmax Flamingoim version 2020-09-29 and earlier, which stems from the fact that the only ostensibly unpredictable par...
DEBIAN-CVE-2018-16657
In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with an invalid Via header causes a segmentation fault and crashes Kamailio. The reason is missing input validation in the crcitt_string_array core function for calculating a CRC hash for To tags. An additional error is present ...
Collection Of Free Computer Forensic Tools
Disk tools and data capture

Name | From | Description
---|---|---
DumpIt | MoonSols | Generates physical memory dump of Windows machines, 32 bits 64 bit. Can run from a USB flash drive.
EnCase Forensic Imager | Guidance Software | Create EnCase evidence files and EnCase logical evidence files...
Windows RT ARM - Bind Shell Port 4444
Windows RT ARM - Bind Shell Port 4444. Shellcode exploit for arm platform ; Title: Windows RT ARM Bind Shell Port 4444 ; Date: July 28, 2013 ; Author: Matthew Graeber @mattifestation ; Blog post: http://www.exploit-monday.com/2013/07/WinRT-ARM-Shellcode.html ; Tested on: Microsoft Surface RT Tabl...
MySQL authentication vulnerability
Invalid hash calculation under some platforms allows access without password knowledge...
FreeBSD crypt() implementation vulnerability
8-bit characters are ignored during DES hash calculation...
EMC NetWorker 7.6 sp3 - Denial of Service
EMC NetWorker 7.6 sp3 - Denial of Service Luigi Auriemma Application: EMC NetWorker Legato http://www.emc.com/backup-and-recovery/networker/networker.htm Versions: = 7.6 sp3 7.6.3.2 Build 860 Platforms: AIX, HP-UX, Linux, Solaris, Windows Bug: invalid read access Exploitation: remote Date: 14 Mar...
jBCrypt library cryptographic vulnerability
non-ASCII characters are converted to '?' before hash calculation...