125 matches found
CVE-2023-52323
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack...
CVE-2023-52323
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack...
UBUNTU-CVE-2023-52323
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack...
PYSEC-2024-3
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack...
Crlf injection
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack...
CVE-2023-52323
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack...
CVE-2023-52323
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack...
PyCryptodome Security Vulnerabilities
PyCryptodome is a standalone Python low-level cryptographic primitive package from the individual developer Helder Eijs. A security vulnerability exists in PyCryptodome versions prior to 3.19.1, which stems from a side-channel leak in OAEP decryption...
CVE-2023-52323
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack...
CVE-2023-52323
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack...
CVE-2023-52323
Summary of CVE-2023-52323 (CVE entry with concrete details): The IBM bulletin notes that PyCryptodome and pycryptodomex prior to 3.19.1 allow side-channel leakage during OAEP decryption, enabling a Manager attack scenario. In the connected IBM Storage Defender Sentinel Anomaly Scan Engine advisor...
PT-2024-1077 · Pypi +9 · Pycryptodome +9
Name of the Vulnerable Software and Affected Versions: PyCryptodome and pycryptodomex versions prior to 3.19.1 Description: The issue is related to side-channel leakage for OAEP decryption, which can be exploited for a Manger attack. This allows a remote attacker to gain unauthorized access to...
Exploit for Out-of-bounds Write in Fortinet Fortios
CVE-2022-42475 Background This is the exploit for the blog...
Covenant v0.5 - Remote Code Execution Exploit
Exploit Title: Covenant v0.5 - Remote Code Execution RCE Exploit Author: xThaz Author website: https://xthaz.fr/ Vendor Homepage: https://cobbr.io/Covenant.html Software Link: https://github.com/cobbr/Covenant Version: v0.1.3 - v0.5 Tested on: Windows 11 compiled covenant Windows defender disable...
SUSE CVE-2018-15560
PyCryptodome before 3.6.6 has an integer overflow in the datalen variable in AESNI.c, related to the AESNIencrypt and AESNIdecrypt functions, leading to the mishandling of messages shorter than 16 bytes...
Tofu - Windows Offline Filesystem Hacking Tool For Linux
A modular tool for hacking offline Windows filesystems and bypassing login screens. Can do hashdumps, OSK-Backdoors, user enumeration and more. How it works : When a Windows machine is shut down, unless it has Bitlocker or another encryption service enabled, it's storage device contains everythin...
Keimpx - Check For Valid Credentials Across A Network Over SMB
keimpx is an open source tool, released under the Apache License 2.0. It can be used to quickly check for valid credentials across a network over SMB. Credentials can be: Combination of user / plain-text password. Combination of user / NTLM hash. Combination of user / NTLM logon session token. If...
CSSG - Cobalt Strike Shellcode Generator
Adds Shellcode - Shellcode Generator to the Cobalt Strike top menu bar CSSG is an aggressor and python script used to more easily generate and format beacon shellcode Generates beacon stageless shellcode with exposed exit method, additional formatting, encryption, encoding, compression, multiline...
PyCrypto: Weak key generation
Background PyCrypto is the Python Cryptography Toolkit. Description It was discovered that PyCrypto incorrectly generated ElGamal key parameters. Impact Attackers may be able to obtain sensitive information by reading ciphertext data. Workaround There is no known workaround at this time. Resoluti...
CompleteFTP Professional 12.1.3 - Remote Code Execution
Exploit Title: CompleteFTP Professional 12.1.3 - Remote Code Execution Date: 2020-03-11 Exploit Author: 1F98D Original Author: Rhino Security Labs Vendor Homepage: https://enterprisedt.com/products/completeftp/ Version: CompleteFTP Professional Tested on: Windows 10 x64 CVE: CVE‑2019‑16116...