73 matches found
CVE-2025-30343
A directory traversal issue was discovered in OpenSlides before 4.2.5. Files can be uploaded to OpenSlides meetings and organized in folders. The interface allows users to download a ZIP archive that contains all files in a folder and its subfolders. If an attacker specifies the title of a file o...
OpenSlides 安全漏洞
OpenSlides is a free, web-based presentation and assembly system from OpenSlides Open Source. It is used to manage and project agendas, motions and elections for assemblies. A security vulnerability exists in versions of OpenSlides prior to 4.2.5, which stems from a directory traversal issue in t...
openslides-presenter (=2.0.3), openslides-protocol (=1.0.0) +2 more potentially affected by CVE-2024-22893 via openslides (>=2.1.1 <=2.2.0)
openslides PYPI version =2.1.1, =2.0.1, =2.0.2 Source cves: CVE-2024-22893 Source advisory: OSV:PYSEC-2024-290...
CVE-2024-22892
OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords...
CVE-2024-22893
OpenSlides 4.0.15 verifies passwords by comparing password hashes using a function with content-dependent runtime. This can allow attackers to obtain information about the password hash using a timing attack...
PYSEC-2024-290
OpenSlides 4.0.15 verifies passwords by comparing password hashes using a function with content-dependent runtime. This can allow attackers to obtain information about the password hash using a timing attack...
CVE-2024-22893
OpenSlides 4.0.15 verifies passwords by comparing password hashes using a function with content-dependent runtime. This can allow attackers to obtain information about the password hash using a timing attack...
PYSEC-2024-290
OpenSlides 4.0.15 verifies passwords by comparing password hashes using a function with content-dependent runtime. This can allow attackers to obtain information about the password hash using a timing attack...
CVE-2024-22892
OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords...
PYSEC-2024-99
OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords...
PYSEC-2024-99
OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords...
openslides-presenter (=2.0.3), openslides-protocol (=1.0.0) +2 more potentially affected by CVE-2024-22892 via openslides (>=2.1.1 <=2.2.0)
openslides PYPI version =2.1.1, =2.0.1, =2.0.2 Source cves: CVE-2024-22892 Source advisory: OSV:PYSEC-2024-99...
CVE-2024-22892
OpenSlides 4.0.15 is affected by a vulnerability due to using a weak hashing algorithm for password storage. The CVE-2024-22892 entry, with a CVSS v3.1 base score of 7.5 (HIGH), indicates network attack potential with low complexity and no privileges required. The issue targets the password hashi...
OpenSlides 安全漏洞
OpenSlides is a free, web-based presentation and assembly system from OpenSlides Open Source. It is used to manage and project agendas, motions and elections for assemblies. A security vulnerability exists in OpenSlides version 4.0.15 that originates from validating a password by comparing the...
OpenSlides 安全漏洞
OpenSlides is a free, web-based presentation and assembly system from OpenSlides Open Source. It is used to manage and project agendas, motions and elections for assemblies. A security vulnerability exists in OpenSlides version 4.0.15 that stems from the use of a weak hash algorithm to store...
PT-2024-19601 · Unknown · Openslides
Name of the Vulnerable Software and Affected Versions: OpenSlides version 4.0.15 Description: The issue allows attackers to obtain information about the password hash using a timing attack, as the password verification function in OpenSlides has content-dependent runtime. This means the function...
CVE-2024-22892
OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords...
PT-2024-19600 · Unknown · Openslides
Name of the Vulnerable Software and Affected Versions: OpenSlides version 4.0.15 Description: The issue is related to the use of a weak hashing algorithm for storing passwords. Recommendations: For OpenSlides version 4.0.15, update to a version that uses a secure password hashing algorithm to...
CVE-2024-22893
OpenSlides 4.0.15 verifies passwords by comparing password hashes using a function with content-dependent runtime. This can allow attackers to obtain information about the password hash using a timing attack...
CVE-2024-22892
OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords...