Memory corruption

In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field username, realm, nonce, uri, or response, only the last instance can ever be freed...

UBUNTU-CVE-2019-7732

In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field username, realm, nonce, uri, or response, only the last instance can ever be freed...

CVE-2019-7732

Removed by vendor...

Stryker Medical Beds

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Public exploits are available Vendor: Stryker Equipment: Secure II MedSurg Bed, S3 MedSurg Bed, and InTouch ICU Bed Vulnerability: Reusing a Nonce 2. RISK EVALUATION Successful exploitation of this vulnerability could allow data traffic manipulation,...

Nonce Values Unchecked

python-oauth2 is vulnerable to replay attacks. This vulnerability is caused in the Server.verifyrequest function where it does not check the nonce value, allowing remote attackers to perform replay attacks through a signed URL...

WordPress MapSVG Lite 3.2.3 Cross Site Request Forgery

Details ================ Software: MapSVG Lite Version: 3.2.3 Homepage: https://en-gb.wordpress.org/plugins/mapsvg-lite-interactive-vector-maps/ Advisory report: https://advisories.dxw.com/advisories/csrf-mapsvg-lite/ CVE: Awaiting assignment CVSS: 5.8 Medium; AV:N/AC:M/Au:N/C:P/I:P/A:N Descripti...

CVE-2018-20231

Cross Site Request Forgery CSRF in the two-factor-authentication plugin before 1.3.13 for WordPress allows remote attackers to disable 2FA via the tfaenabletfa parameter due to missing nonce validation...

Code injection

An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. An attacker first prepares a Z-Wave frame-transmission program e.g., Z-Wave PC Controller, OpenZWave, CC1110, etc.. Next, the attacker conducts a DoS attack against the Z-Wave S0 Security version product by continuously sending...

CVE-2018-19983

An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. An attacker first prepares a Z-Wave frame-transmission program e.g., Z-Wave PC Controller, OpenZWave, CC1110, etc.. Next, the attacker conducts a DoS attack against the Z-Wave S0 Security version product by continuously sending...

CVE-2018-19983

An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. An attacker first prepares a Z-Wave frame-transmission program e.g., Z-Wave PC Controller, OpenZWave, CC1110, etc.. Next, the attacker conducts a DoS attack against the Z-Wave S0 Security version product by continuously sending...

CVE-2018-19983

CVE-2018-19983 affects Sigma Design Z-Wave devices (S0 through S2). An attacker can perform a DoS by repeatedly sending divided Nonce Get frames (0x98 0x81). In S0, upon receiving a Nonce Get, the node generates and sends a new nonce, then waits; if another Nonce Get arrives, the previous nonce i...

httpd: Weak Digest auth nonce generation in mod_auth_digest

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed...

Yi Technology Home Camera 27US nonce reuse authentication bypass vulnerability

Summary An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a logic flaw, resulting in an authentication bypass. An attacker can sniff network traffic and send a set of packets to...

Replay Attack

auth0 is vulnerable to replay attacks. The authentication renew request does not include a nonce, which would allow an attacker to replay an old renewAuth request to obtain a valid session...

SUSE-SU-2018:1161-2 Security update for apache2

This update for apache2 fixes the following issues: CVE-2018-1283: when modsession is configured to forward its session data to CGI applications SessionEnv on, not the default, a remote user may influence their content by using a 'Session' header leading to unexpected behavior bsc1086814...

CVE-2018-16242

oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy BLE to replay ciphertext based on a predictable nonce used in the locking protocol...

Design/Logic Flaw

oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy BLE to replay ciphertext based on a predictable nonce used in the locking protocol...

CVE-2018-16242

oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy BLE to replay ciphertext based on a predictable nonce used in the locking protocol...

CVE-2018-16242

The CVE-2018-16242 entry describes oBike’s use of Hangzhou Luoping Smart Locker, where an attacker can bypass the locking mechanism by replaying ciphertext in a BLE-based protocol that uses a predictable nonce. Affected component is the bicycle lock system's BLE lock protocol; the underlying issu...

oBike Electronic Lock Bypass

CVE-2018-16242 - oBike Electronic Lock Bypass Product: oBike bicycle-sharing service Vendor: oBike Inc. CVE ID: CVE-2018-16242 Subject: Access control bypass by replay attack on predictable nonce Effect: Unauthorized unlocking of bikes, cirumventing the ride-fees Author: Antoine Neuenschwander...