php: Password_verify() always return true with some hash

A vulnerability was found in PHP. This security flaw occurs when malformatted BCrypt hashes that include a $ within their salt part trigger a buffer overread and may erroneously validate any password as valid...

CLSA-2023-1678396156 php: Fix of 3 CVEs

CVE-2023-0567: crypt: Fix validation of malformed BCrypt hashes - CVE-2023-0568: Fix array overrun when appending slash to paths - CVE-2023-0662: Fix DoS vulnerability when parsing multipart request body...

CLSA-2023-1678395661 php: Fix of 3 CVEs

CVE-2023-0567: crypt: Fix validation of malformed BCrypt hashes - CVE-2023-0568: Fix array overrun when appending slash to paths - CVE-2023-0662: Fix DoS vulnerability when parsing multipart request body...

PT-2022-28091 · Tss-Lib · Tss-Lib

Name of the Vulnerable Software and Affected Versions: tss-lib versions prior to 2.0.0 Description: The issue concerns a collision of hash values. This collision can potentially lead to security issues, although specific details about exploitation or affected devices are not provided...

Qualcomm 芯片 授权问题漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are often manufactured on the surface of semiconductor wafers. A security vulnerability exists in the Qualcomm Chip BSP module that stems fro...

Teradici PCoIP Zero Clients 信任管理问题漏洞

Teradici PCoIP Zero Clients is an ultra-secure endpoint from Teradici Canada. It uses a highly integrated, specialized processor to transmit pixels, not data, to the user's desktop. A trust management issue vulnerability exists in Teradici PCoIP Zero Clients Firmware version 22.01.5, 22.04.1 and...

Qualcomm 芯片 代码问题漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits including primarily semiconductor devices, but also passive components, etc. and is manufactured from time to time on the surface of semiconductor wafers. A code issue vulnerability exists in multiple Qualcomm...

curl: CVE-2021-22922: Wrong content via metalink not discarded

Summary: When compiled --with-libmetalink and used with --metalink curl does check the cryptographics hash of the downloaded files. However, the only indication that the hash was incorrect is a message displayed to the user. The files with incorrect hashes are left to the disk as-is. Since curl...

UBUNTU-CVE-2019-15608

The package integrity validation in yarn 1.19.0 contains a TOCTOU vulnerability where the hash is computed before writing a package to cache. It's not computed again when reading from the cache. This may lead to a cache pollution attack...

Debian: Security Advisory (DSA-4609-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4247-3 python-apt vulnerabilities

USN-4247-1 fixed several vulnerabilities in python-apt. This update provides the corresponding updates for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker...

Telerik Fiddler Elevation of Privilege Vulnerability

Telerik Fiddler is an HTTP protocol debugging proxy tool. A security vulnerability exists in Telerik Fiddler version 5.0.20182.28034, which stems from the program failing to validate the hash value of the EnableLoopback.exe file before running it. An attacker could exploit the vulnerability to...

DEBIAN-CVE-2017-17806

The HMAC implementation crypto/hmac.c in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AFALG-based hash interface CONFIGCRYPTOUSERAPIHASH and the SHA-3 hash algorithm CONFIGCRYPTOSHA3 to caus...

DEBIAN-CVE-2015-4050

FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the controller attribute is set, which allows remote attackers to bypass URL signing and security...