44 matches found
EUVD-2007-3367
Malware in sbrugna...
EUVD-2008-4084
Malware in sbrugna...
EUVD-2007-3145
Malware in sbrugna...
CVE-2024-46957
Mellium mellium.im/xmpp 0.0.1 through 0.21.4 allows response spoofing if the implementation uses predictable IDs because the stanza type is not checked. This is fixed in 0.22.0...
CVE-2024-43196
IBM OpenPages with Watson 8.3 and 9.0 application could allow an authenticated user to manipulate data in the Questionnaires application allowing the user to spoof other users' responses...
freeradius: forgery attack
A vulnerability in the RADIUS Remote Authentication Dial-In User Service protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...
freeradius: forgery attack
A vulnerability in the RADIUS Remote Authentication Dial-In User Service protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...
freeradius: forgery attack
A vulnerability in the RADIUS Remote Authentication Dial-In User Service protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...
Spoofing Attack
mellium.im/xmpp is vulnerable to Spoofing Attack. The vulnerability is due to the implementation of the Mellium XMPP library, which does not check the stanza type and allows the use of predictable IDs, leading to the possibility of response spoofing...
CVE-2024-46957
Mellium mellium.im/xmpp 0.0.1 through 0.21.4 allows response spoofing if the implementation uses predictable IDs because the stanza type is not checked. This is fixed in 0.22.0...
Xmpp 安全漏洞
Xmpp is a set of Xmpp-related libraries and tools for Go open-sourced by the Mellium Co-op. A security vulnerability exists in Xmpp versions 0.0.1 through 0.21.4 that stems from an unchecked section type, which allows response spoofing...
CVE-2024-46957
Mellium mellium.im/xmpp 0.0.1 through 0.21.4 allows response spoofing if the implementation uses predictable IDs because the stanza type is not checked. This is fixed in 0.22.0...
Blast-RADIUS is a vulnerability that affects the RADIUS protocol (CVE-2024-3596)
A vulnerability in the verification of RADIUS Response from a RADIUS server has been disclosed by a team of researchers from UC San Diego and their partners. An attacker, with access to the network where the RADIUS protocol is being transmitted, can spoof a UDP-based RADIUS Response packet to...
CVE-2024-46957
Mellium mellium.im/xmpp 0.0.1 through 0.21.4 allows response spoofing if the implementation uses predictable IDs because the stanza type is not checked. This is fixed in 0.22.0...
PT-2024-32298 · Mellium · Mellium.Im/Xmpp
Name of the Vulnerable Software and Affected Versions: Mellium mellium.im/xmpp versions 0.0.1 through 0.21.4 Description: The issue allows response spoofing because the stanza type is not checked. This can lead to potential system compromise. The estimated number of potentially affected devices...
DEBIAN-CVE-2024-25638
dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0...
CVE-2023-0627
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...
Design/Logic Flaw
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...
CVE-2023-0627 Docker Desktop 4.11.x allows --no-windows-containers flag bypass
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...
CVE-2023-0627
Docker Desktop 4.11.x is affected by CVE-2023-0627 due to IPC response spoofing that bypasses the --no-windows-containers flag, enabling Local Privilege Escalation. The root cause is spoofed IPC responses within Docker Desktop, which can let a local attacker escalate privileges. The available ref...