Lucene search
+L

235 matches found

CVE
CVE
added 2020/08/14 6:45 p.m.80 views

CVE-2020-15692

CVE-2020-15692 refers to Nim 1.2.4, where the standard library’s browsers.openDefaultBrowser mishandles the URL argument, allowing an attacker to pass a single argument to the open command that can execute arbitrary commands. Connected advisories and OSV entries document this as a Nim security is...

10CVSS9.3AI score0.04205EPSS
Exploits1References4Affected Software1
CNVD
CNVD
added 2020/01/03 12:0 a.m.2 views

Unspecified vulnerability in HTTP authentication library for Nim

HTTP authentication library for Nim is an HTTP authentication library for the Nim language. A security vulnerability exists in versions of HTTP authentication library for Nim prior to 2019-12-27, which stems from the program failing to use the default algorithm used for the 'cryptopwhashstr'...

7.5CVSS7.1AI score0.00832EPSS
Exploits0References1
NVD
NVD
added 2019/12/30 2:15 p.m.15 views

CVE-2019-20138

The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the default algorithm for libsodium's cryptopwhashstr is not used...

7.5CVSS7.8AI score0.00832EPSS
Exploits0References1
OSV
OSV
added 2019/12/30 2:15 p.m.10 views

CVE-2019-20138

The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the default algorithm for libsodium's cryptopwhashstr is not used...

7.5CVSS7.2AI score
Exploits0References1
Prion
Prion
added 2019/12/30 2:15 p.m.16 views

Authentication flaw

The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the default algorithm for libsodium's cryptopwhashstr is not used...

5CVSS7.8AI score0.00832EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/12/30 1:56 p.m.62 views

CVE-2019-20138

CVE-2019-20138 affects Nim’s HTTP Authentication library up to 2019-12-27. The root cause is failing to use libsodium’s default password-hash algorithm (crypto_pwhash_str), leading to weak password hashing. Impact is described as weak authentication security; CVSS notes show high severity (3.1) w...

7.5CVSS7.7AI score0.00832EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/12/30 1:56 p.m.21 views

CVE-2019-20138

The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the default algorithm for libsodium's cryptopwhashstr is not used...

7.8AI score0.00832EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2019/09/24 3:10 p.m.68 views

Zebrocy Retools for New Political Attacks

The APT known as the Sednit threat group also known as Sofacy, APT28 and Fancy Bear has kicked off a fresh spearphishing campaign, that was spotted targeting government entities with the Zebrocy backdoor. The malware features a rewritten and newly-improved backdoor and downloader, indicating an...

7.8AI score
Exploits0References12
Kitploit
Kitploit
added 2019/08/14 10:0 p.m.68 views

DrMITM - Program Designed To Globally Log All Traffic Of A Website

DrMITM is a program designed to globally log all traffic. How it works DrMITM sends a request to website and returns the IP of the website just in case the server of the website is designed to rely on the website IP for requests, and the request that goes to the website also ends up being sent to...

7.4AI score
Exploits0References1
Openbugbounty
Openbugbounty
added 2018/09/05 4:19 p.m.10 views

nim-khi.edu.pk XSS vulnerability

Open Bug Bounty ID: OBB-673395 Description| Value ---|--- Affected Website:| nim-khi.edu.pk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.151 views

Novell GroupWise Messenger Client <= 2.1.0 Unicode Stack Overflow

No description provided by source. Luigi Auriemma Application: Novell GroupWise Messenger client http://www.novell.com/products/groupwise/ Versions: = 2.1.0 Platforms: Windows, Linux, NetWare Bug: unicode stack overflow Exploitation: remote, versus server Date: 16 Feb 2012 found 09 May 2011 Autho...

7.1AI score
Exploits0
CVE
CVE
added 2013/03/29 10:0 a.m.140 views

CVE-2013-1085

CVE-2013-1085 affects the nim protocol handler in Novell GroupWise Messenger (GroupWise Messenger 2.04 and earlier) and Novell Messenger 2.1.x/2.2.x before 2.2.2. It is a stack-based buffer overflow triggered by an import command with a long filename parameter, allowing remote code execution. Exp...

9.3CVSS8.3AI score0.05591EPSS
Exploits0References3Affected Software1
exploitpack
exploitpack
added 2012/02/16 12:0 a.m.19 views

Novell Groupwise Messenger Client 2.1.0 - Unicode Stack Overflow

Novell Groupwise Messenger Client 2.1.0 - Unicode Stack Overflow Luigi Auriemma Application: Novell GroupWise Messenger client http://www.novell.com/products/groupwise/ Versions: = 2.1.0 Platforms: Windows, Linux, NetWare Bug: unicode stack overflow Exploitation: remote, versus server Date: 16 Fe...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2012/02/16 12:0 a.m.29 views

Novell Groupwise Messenger Client 2.1.0 - Unicode Stack Overflow

Luigi Auriemma Application: Novell GroupWise Messenger client http://www.novell.com/products/groupwise/ Versions: = 2.1.0 Platforms: Windows, Linux, NetWare Bug: unicode stack overflow Exploitation: remote, versus server Date: 16 Feb 2012 found 09 May 2011 Author: Luigi Auriemma e-mail:...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/04/30 12:0 a.m.13 views

AIX 530008 : U822075

The remote host is missing AIX PTF U822075 which is related to the security of the package bos.sysmgt.nim.client You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...

5.5AI score
Exploits0
Rows per page
Query Builder