Lucene search

38 matches found

Cvelist
added 2023/05/02 12:0 p.m. | 52 views

CVE-2023-2473 Dreamer CMS Password Hash Calculation UserController.java updatePwd algorithmic complexity

A vulnerability was found in Dreamer CMS up to 4.1.3. It has been declared as problematic. This vulnerability affects the function updatePwd of the file UserController.java of the component Password Hash Calculation. The manipulation leads to inefficient algorithmic complexity. The attack can be...

4.3 CVSS | 7.7 AI score | 0.00929 EPSS
Exploits: 0 | References: 3

Vulnrichment
added 2023/05/02 12:0 p.m. | 12 views

CVE-2023-2473 Dreamer CMS Password Hash Calculation UserController.java updatePwd algorithmic complexity

A vulnerability was found in Dreamer CMS up to 4.1.3. It has been declared as problematic. This vulnerability affects the function updatePwd of the file UserController.java of the component Password Hash Calculation. The manipulation leads to inefficient algorithmic complexity. The attack can be...

4.3 CVSS | 4.7 AI score | 0.00929 EPSS
Exploits: 0 | References: 3

Positive Technologies
added 2023/05/02 12:0 a.m. | 11 views

PT-2023-19753 · Unknown · Dreamer Cms

Name of the Vulnerable Software and Affected Versions: Dreamer CMS versions up to 4.1.3 Description: A vulnerability was found in the Password Hash Calculation component, specifically affecting the updatePwd function of the UserController.java file. This issue leads to inefficient algorithmic...

7.5 CVSS | 7.1 AI score | 0.00929 EPSS
Exploits: 0 | References: 7

Tenable Nessus
added 2023/01/12 12:0 a.m. | 40 views

Debian DSA-5315-1 : libxstream-java - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dsa-5315 advisory. XStream serializes Java objects to XML and back again. Versions prior to 1.4.15-3+deb11u2 may allow a remote attacker to terminate the application with a stack overflow...

8.2 CVSS | 7 AI score | 0.08689 EPSS
Exploits: 1 | References: 6

Debian
added 2023/01/11 10:54 p.m. | 40 views

[SECURITY] [DLA 3267-1] libxstream-java security update

Debian LTS Advisory DLA-3267-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 11, 2023 https://wiki.debian.org/LTS Package : libxstream-java Version : 1.4.11.1-1+deb10u4 CVE ID : CVE-2022-41966 Debian Bug : 1027754 XStream serializes Java objects to XML a...

8.2 CVSS | 6.8 AI score | 0.08689 EPSS
Exploits: 1

Oracle linux
added 2022/07/07 12:0 a.m. | 442 views

libgcrypt security update

1.8.5-7fips - Add API to provide hash calculation in RSA/DSA/ECDSA signature operations Orabug: 33081130 - Change Epoch from 1 to 10 1.8.5-7 - Fix CVE-2021-33560 2018525...

7.5 CVSS | 1 AI score | 0.02342 EPSS
Exploits: 1

BDU FSTEC
added 2022/04/13 12:0 a.m. | 7 views

The vulnerability of the PAN-OS operating system, related to insufficient calculation of password hashes, allows attackers to gain unauthorized access to protected information.

The vulnerability of the PAN-OS operating system is related to insufficient calculation of password hashes. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

4.1 CVSS | 5.4 AI score | 0.00122 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Oracle linux
added 2022/04/06 12:0 a.m. | 92 views

libgcrypt security update

1.8.5-6fips - Add API to provide hash calculation in RSA/DSA/ECDSA signature operations Orabug: 33081130 - Change Epoch from 1 to 10 1.8.5-6 - Fix for CVE-2021-33560 1971421 - Enable HW optimizations in FIPS 1976137 - Performance enhancements for ChaCha20 and Poly1305 1855231 1.8.5-5 - Performan...

7.5 CVSS | 0.8 AI score | 0.02342 EPSS
Exploits: 0

Code423n4
added 2021/10/16 12:0 a.m. | 14 views

cancel() calculates hashTx in the wrong way

Handle gpersoon Vulnerability details Impact The function cancel of contract QuickAccManager uses the wrong way to calculate the hash that has to be cancelled. It uses: "bytes32 hashTx = keccak256(abi.encode(address(this), block.chainid, accHash, nonce, txns));" Where it should use "bytes32 hash =...

6.9 AI score
Exploits: 0

BDU FSTEC
added 2021/07/07 12:0 a.m. | 13 views

The vulnerability of the fly-fm file manager, related to insufficient validation of input data, allows a hacker to trigger a service failure.

The vulnerability of the fly-fm file manager is related to incorrect calculation of MD5 in the program window. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

4 CVSS | 5.5 AI score
Exploits: 0 | References: 1 | Affected Software: 1

CNNVD
added 2020/12/26 12:0 a.m. | 6 views

Blizmax Flamingoim Path Traversal Vulnerability

Blizmax Flamingoim is a high-performance, lightweight, open source instant messaging software from the individual developers at Blizmax. A path traversal vulnerability exists in Blizmax Flamingoim version 2020-09-29 and earlier, which stems from the fact that the only ostensibly unpredictable par...

7.5 CVSS | 7.2 AI score | 0.01617 EPSS
Exploits: 1 | References: 2

OSV
added 2018/09/07 2:29 p.m. | 2 views

DEBIAN-CVE-2018-16657

In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with an invalid Via header causes a segmentation fault and crashes Kamailio. The reason is missing input validation in the crcitt_string_array core function for calculating a CRC hash for To tags. An additional error is present ...

9.8 CVSS | 6.9 AI score | 0.03581 EPSS
Exploits: 1 | References: 1

Kitploit
added 2014/02/04 9:49 p.m. | 239 views

Collection Of Free Computer Forensic Tools

Disk tools and data capture Name | From | Description ---|---|--- DumpIt | MoonSols | Generates physical memory dump of Windows machines, 32 bits 64 bit. Can run from a USB flash drive. EnCase Forensic Imager | Guidance Software | Create EnCase evidence files and EnCase logical evidence files...

6.3 AI score
Exploits: 0 | References: 4

Exploit DB
added 2013/07/28 12:0 a.m. | 43 views

Windows RT ARM - Bind Shell Port 4444

Windows RT ARM - Bind Shell Port 4444. Shellcode exploit for arm platform ; Title: Windows RT ARM Bind Shell Port 4444 ; Date: July 28, 2013 ; Author: Matthew Graeber @mattifestation ; Blog post: http://www.exploit-monday.com/2013/07/WinRT-ARM-Shellcode.html ; Tested on: Microsoft Surface RT Tabl...

Exploits: 0

securityvulns
added 2012/06/12 12:0 a.m. | 69 views

MySQL authentication vulnerability

Invalid hash calculation under some platforms allows access without password knowledge...

5.1 CVSS | 2.2 AI score | 0.96188 EPSS
Exploits: 9 | References: 1 | Affected Software: 1

securityvulns
added 2012/05/31 12:0 a.m. | 48 views

FreeBSD crypt() implementation vulnerability

8-bit characters are ignored during DES hash calculation...

4.3 CVSS | 2.5 AI score | 0.05734 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

exploitpack
added 2012/03/14 12:0 a.m. | 23 views

EMC NetWorker 7.6 sp3 - Denial of Service

EMC NetWorker 7.6 sp3 - Denial of Service Luigi Auriemma Application: EMC NetWorker Legato http://www.emc.com/backup-and-recovery/networker/networker.htm Versions: = 7.6 sp3 7.6.3.2 Build 860 Platforms: AIX, HP-UX, Linux, Solaris, Windows Bug: invalid read access Exploitation: remote Date: 14 Mar...

Exploits: 0

securityvulns
added 2010/02/04 12:0 a.m. | 20 views

jBCrypt library cryptographic vulnerability

Non-ASCII characters are converted to '?' before hash calculation...

2.4 AI score
Exploits: 0 | References: 1 | Affected Software: 1