Security Bulletin: IBM Match 360 is vulnerable to Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes (CVE-2020-14422)

Summary Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or...

xstream: Denial of Service by injecting recursive collections or maps based on element's hash values raising a stack overflow

A flaw was found in the xstream package. This flaw allows an attacker to cause a denial of service by injecting recursive collections or maps, raising a stack overflow...

PortEx - Java Library To Analyse Portable Executable Files With A Special Focus On Malware Analysis And PE Malformation Robustness

PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features Reading header information from: MSDOS Header, COFF File Header,...

xstream: Denial of Service by injecting recursive collections or maps based on element's hash values raising a stack overflow

A flaw was found in the xstream package. This flaw allows an attacker to cause a denial of service by injecting recursive collections or maps, raising a stack overflow...

EulerOS Virtualization 2.9.1 : python-pip (EulerOS-SA-2023-1201)

According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, whic...

CVE-2022-30126

creationtimestamp| type| source ---|---|--- 2022-05-16 20:40:16+00:00| seen| https://t.me/cibsecurity/42763 2022-05-31 18:18:50+00:00| seen| https://t.me/cibsecurity/43564 2022-06-28 02:35:07+00:00| seen| https://t.me/cibsecurity/45253...

Gurock Software Gurock TestRail 信息泄露漏洞

Gurock Software Gurock TestRail is a web-based test case management software for QA and development teams from Gurock Software. The software supports the creation of test cases, the management of test suites and the coordination of the testing process. Gurock Software An information disclosure...

D-Link DVX-2000MS Default Account Vulnerability

A security vulnerability exists in the D-Link DVX-2000MS, a hardware for IP telephony systems from D-Link in Taiwan, China. file contains hard-coded credentials that do not record user accounts. An attacker could exploit this vulnerability to recover plaintext passwords from hash values...

CVE-2021-39614

D-Link DVX-2000MS contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. As weak passwords have been used, the plaintext passwords can be recovered from the hash values...

Hardcoded credentials

D-Link DVX-2000MS contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. As weak passwords have been used, the plaintext passwords can be recovered from the hash values...

CVE-2021-39614

CVE-2021-39614 affects D-Link DVX-2000MS. The vulnerability arises from hard-coded credentials for undocumented user accounts stored in the "/etc/passwd" file, with weak passwords allowing plaintext passwords to be recovered from hash values. The connected documents confirm the product and the ro...

CVE-2021-39613

The CVE affects D-Link DVG-3104MS devices (firmware versions 1.0.2.0.3, 1.0.2.0.4, and 1.0.2.0.4E) where hard-coded credentials for undocumented accounts exist in /etc/passwd. This leads to plaintext passwords recoverable from stored hashes, with impact described as confidentially/high integrity/...

D-Link DVX-2000MS 信任管理问题漏洞

A security vulnerability exists in the D-Link DVX-2000MS, a hardware for IP telephony systems from D-Link in Taiwan, China. file contains hard-coded credentials that do not record user accounts. An attacker could exploit this vulnerability to recover plaintext passwords from hash values...

EulerOS 2.0 SP8 : python-ipaddress (EulerOS-SA-2021-2313)

According to the version of the python-ipaddress packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allo...

Uchihash - A Small Utility To Deal With Malware Embedded Hashes

Uchihash is a small utility that can save malware analysts the time of dealing with embedded hash values used for various things such as: Dynamically importing APIs especially in shellcode Checking running process used by analysts Anti-Analysis Checking VM or Antivirus artifacts Anti-Analysis...

NewStart CGSL MAIN 6.02 : python3 Multiple Vulnerabilities (NS-SA-2021-0059)

The remote NewStart CGSL host, running version MAIN 6.02, has python3 packages installed that are affected by multiple vulnerabilities: - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to...

EulerOS 2.0 SP3 : python-ipaddress (EulerOS-SA-2021-1115)

According to the version of the python-ipaddress package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow...

Oracle Linux 7 : python3 (ELSA-2020-5010)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5010 advisory. - Avoid infinite loop when reading specially crafted TAR files CVE-2019-20907 Resolves: rhbz1856481 Tenable has extracted the preceding description blo...

Huawei EulerOS: Security Advisory for python-ipaddress (EulerOS-SA-2020-2472)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : python-ipaddress (EulerOS-SA-2020-2438)

According to the version of the python-ipaddress package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow...