16 matches found
CVE-2026-8721
Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncate passwords with embedded NULLs. Password parameters in PKCS12.xs are declared char *, which routes through Perl's default typemap to SvPV_nolen. The Perl length is discarded. The C code or OpenSSL internally calls strlen on the buffer...
Linux Distros Unpatched Vulnerability : CVE-2026-8721
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncate passwords with embedded NULLs. Password parameters in PKCS12.xs are declared char *, which routes...
Understanding Password Preferences, Memorability, and Security through a Human-Centered Lens
Passwords remain the primary authentication method, yet user-created passwords are often the weakest due to the security-usability trade-off. Although AI-based password generators are emerging, little is known about their effectiveness and user perceptions. This eye-tracking study examined how...
gokey security vulnerability
gokey is a Go language library open-sourced by Cloudflare. A security vulnerability exists in gokey versions prior to 0.2.0, which stems from a flaw in the seed decryption logic that could lead to password entropy reduction and password recovery attacks...
Reduced Password Entropy
typo3/cms-core is vulnerable to reduced password entropy. The vulnerability is due to a deterministic three-character prefix in the Password Generation component, which reduces randomness and allows an attacker to perform brute-force attacks more efficiently...
EUVD-2021-1401
Malware in sbrugna...
EUVD-2024-39403
Malicious code in bioql PyPI...
CVE-2024-42027
The E2EE password entropy generated by Rocket.Chat Mobile prior to version 4.5.1 is insufficient, allowing attackers to crack it if they have the appropriate time and resources...
CVE-2024-42027
The E2EE password entropy generated by Rocket.Chat Mobile prior to version 4.5.1 is insufficient, allowing attackers to crack it if they have the appropriate time and resources...
CVE-2024-42027
The E2EE password entropy generated by Rocket.Chat Mobile prior to version 4.5.1 is insufficient, allowing attackers to crack it if they have the appropriate time and resources...
CVE-2024-42027
The E2EE password entropy generated by Rocket.Chat Mobile prior to version 4.5.1 is insufficient, allowing attackers to crack it if they have the appropriate time and resources...
CVE-2024-42027
The CVE-2024-42027 entry describes a vulnerability in Rocket.Chat Mobile versions prior to 4.5.1 where E2EE password entropy is insufficient, enabling an attacker with sufficient time/resources to crack the initial E2EE password. Affected product: Rocket.Chat Mobile (pre-4.5.1). Root cause: low-e...
Apache OpenOffice security feature issue vulnerability
Apache OpenOffice is an open source office software suite from the U.S. Apache Foundation. The suite contains text documents, spreadsheets, presentations, drawings, databases and more. A security feature issue vulnerability exists in Apache OpenOffice versions prior to 4.1.13, which stems...
PT-2020-17057 · Rclone +2
Name of the Vulnerable Software and Affected Versions: Rclone versions prior to 1.53.3 Description: An issue was discovered due to the use of a weak random number generator, resulting in the password generator producing weak passwords with much less entropy than advertised. The suggested password...
CVE-2012-2742
Revelation 0.4.13-2 and earlier uses only the first 32 characters of a password followed by a sequence of zeros, which reduces the entropy and makes it easier for context-dependent attackers to crack passwords and obtain access to keys via a brute-force attack...
CVE-2012-2742
Revelation 0.4.13-2 and earlier uses only the first 32 characters of a password followed by a sequence of zeros, which reduces the entropy and makes it easier for context-dependent attackers to crack passwords and obtain access to keys via a brute-force attack...