235 matches found
CVE-2020-15692
CVE-2020-15692 refers to Nim 1.2.4, where the standard library’s browsers.openDefaultBrowser mishandles the URL argument, allowing an attacker to pass a single argument to the open command that can execute arbitrary commands. Connected advisories and OSV entries document this as a Nim security is...
Unspecified vulnerability in HTTP authentication library for Nim
HTTP authentication library for Nim is an HTTP authentication library for the Nim language. A security vulnerability exists in versions of HTTP authentication library for Nim prior to 2019-12-27, which stems from the program failing to use the default algorithm used for the 'cryptopwhashstr'...
CVE-2019-20138
The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the default algorithm for libsodium's cryptopwhashstr is not used...
CVE-2019-20138
The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the default algorithm for libsodium's cryptopwhashstr is not used...
Authentication flaw
The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the default algorithm for libsodium's cryptopwhashstr is not used...
CVE-2019-20138
CVE-2019-20138 affects Nim’s HTTP Authentication library up to 2019-12-27. The root cause is failing to use libsodium’s default password-hash algorithm (crypto_pwhash_str), leading to weak password hashing. Impact is described as weak authentication security; CVSS notes show high severity (3.1) w...
CVE-2019-20138
The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the default algorithm for libsodium's cryptopwhashstr is not used...
Zebrocy Retools for New Political Attacks
The APT known as the Sednit threat group also known as Sofacy, APT28 and Fancy Bear has kicked off a fresh spearphishing campaign, that was spotted targeting government entities with the Zebrocy backdoor. The malware features a rewritten and newly-improved backdoor and downloader, indicating an...
DrMITM - Program Designed To Globally Log All Traffic Of A Website
DrMITM is a program designed to globally log all traffic. How it works DrMITM sends a request to website and returns the IP of the website just in case the server of the website is designed to rely on the website IP for requests, and the request that goes to the website also ends up being sent to...
nim-khi.edu.pk XSS vulnerability
Open Bug Bounty ID: OBB-673395 Description| Value ---|--- Affected Website:| nim-khi.edu.pk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Novell GroupWise Messenger Client <= 2.1.0 Unicode Stack Overflow
No description provided by source. Luigi Auriemma Application: Novell GroupWise Messenger client http://www.novell.com/products/groupwise/ Versions: = 2.1.0 Platforms: Windows, Linux, NetWare Bug: unicode stack overflow Exploitation: remote, versus server Date: 16 Feb 2012 found 09 May 2011 Autho...
CVE-2013-1085
CVE-2013-1085 affects the nim protocol handler in Novell GroupWise Messenger (GroupWise Messenger 2.04 and earlier) and Novell Messenger 2.1.x/2.2.x before 2.2.2. It is a stack-based buffer overflow triggered by an import command with a long filename parameter, allowing remote code execution. Exp...
Novell Groupwise Messenger Client 2.1.0 - Unicode Stack Overflow
Novell Groupwise Messenger Client 2.1.0 - Unicode Stack Overflow Luigi Auriemma Application: Novell GroupWise Messenger client http://www.novell.com/products/groupwise/ Versions: = 2.1.0 Platforms: Windows, Linux, NetWare Bug: unicode stack overflow Exploitation: remote, versus server Date: 16 Fe...
Novell Groupwise Messenger Client 2.1.0 - Unicode Stack Overflow
Luigi Auriemma Application: Novell GroupWise Messenger client http://www.novell.com/products/groupwise/ Versions: = 2.1.0 Platforms: Windows, Linux, NetWare Bug: unicode stack overflow Exploitation: remote, versus server Date: 16 Feb 2012 found 09 May 2011 Author: Luigi Auriemma e-mail:...
AIX 530008 : U822075
The remote host is missing AIX PTF U822075 which is related to the security of the package bos.sysmgt.nim.client You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...