Lucene search
+L

102 matches found

ptsecurity
ptsecurity
added 2022/04/21 12:0 a.m.5 views

PT-2022-2590 · Curl +11 · Curl +11

Name of the Vulnerable Software and Affected Versions: curl versions prior to 7.83.0 Description: The issue is related to a insufficiently protected credentials vulnerability that may leak authentication or cookie header data on HTTP redirects to the same host but another port number. This could...

9.8CVSS6.1AI score0.3197EPSS
Exploits45References244
osv
osv
added 2021/08/05 8:15 p.m.3 views

CVE-2021-29971

If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 90...

9.8CVSS7.4AI score0.01022EPSS
Exploits0References2
alpinelinux
alpinelinux
added 2021/08/05 8:15 p.m.31 views

CVE-2021-29971

If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 90...

9.8CVSS8.4AI score0.01022EPSS
Exploits0
osv
osv
added 2021/08/05 8:15 p.m.3 views

UBUNTU-CVE-2021-29971

If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 90...

9.8CVSS7.3AI score0.01022EPSS
Exploits0References3
redhat
redhat
added 2020/11/05 6:48 p.m.4 views

cxf: JMX integration is vulnerable to a MITM attack

Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle MITM style attack. An...

5.3CVSS7.4AI score0.06147EPSS
Exploits0References4
redhat
redhat
added 2020/05/12 6:59 p.m.7 views

python-requests: Redirect from HTTPS to HTTP does not remove Authorization header

A credentials-exposure flaw was found in python-requests, where if a request with authentication is redirected 302 from an HTTPS endpoint to an HTTP endpoint on the same host, the Authorization header is not stripped and the credentials can be read in plain text. A man-in-the-middle attacker coul...

7.5CVSS7.1AI score0.07443EPSS
Exploits2References4
osv
osv
added 2020/03/16 4:15 p.m.2 views

DEBIAN-CVE-2020-1740

A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and t...

4.7CVSS6.5AI score0.00374EPSS
Exploits0References1
redhat
redhat
added 2019/06/18 7:8 p.m.7 views

ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the gcryeccecdsasign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. T...

4.7CVSS6.3AI score0.00887EPSS
Exploits1References5
redhat
redhat
added 2019/05/30 2:57 p.m.6 views

ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the gcryeccecdsasign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. T...

4.7CVSS6.3AI score0.00887EPSS
Exploits1References5
redhat
redhat
added 2018/09/17 2:54 p.m.8 views

JDK: privilege escalation via insufficiently restricted access to Attach API

In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code. Attach API is enabled by default on...

7.8CVSS7.2AI score0.00494EPSS
Exploits0References4
cnvd
cnvd
added 2018/06/20 12:0 a.m.4 views

cryptlib Information Disclosure Vulnerability

cryptlib is a general-purpose cryptographic library based on the GnuPG code. A security vulnerability exists in cryptlib. The vulnerability can be exploited by an attacker to obtain a key by accessing a local device or a different virtual machine on the same physical host...

4.9CVSS5AI score0.00346EPSS
Exploits1References1
cnvd
cnvd
added 2018/06/19 12:0 a.m.2 views

Libgcrypt Information Disclosure Vulnerability

Libgcrypt is a general-purpose cryptographic library developed by the GNU Project based on the GnuPG code. The library implements a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, public key algorithms, and more. There is a security vulnerability in Libgcrypt...

4.7CVSS5.6AI score0.00887EPSS
Exploits1References1
osv
osv
added 2018/06/15 2:29 a.m.5 views

CVE-2018-12440

BoringSSL through 2018-06-14 allows a memory-cache side-channel attack on DSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a DSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host...

4.7CVSS5.8AI score0.00138EPSS
Exploits0References1
osv
osv
added 2018/06/15 2:29 a.m.5 views

CVE-2018-12439

MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host...

4.7CVSS5.8AI score0.00275EPSS
Exploits0References1
cnvd
cnvd
added 2018/06/15 12:0 a.m.6 views

wolfSSL ROHNP Vulnerability

wolfSSL formerly known as CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. A security vulnerability exists in the wolfcrypt/src/ecc.c file in versions prior to wolfSSL 3.15.1.patch. An attacker can exploit this...

4.7CVSS4.5AI score0.00371EPSS
Exploits0References1
cnvd
cnvd
added 2018/06/15 12:0 a.m.6 views

LibTomCrypt ROHNP Vulnerability

LibTomCrypt is a modular and portable encryption toolkit. A security vulnerability exists in LibTomCrypt 1.18.1 and earlier versions. An attacker can exploit this vulnerability to obtain ECDSA keys by accessing a local device or a different virtual machine on the same physical host...

4.9CVSS5.3AI score0.0054EPSS
Exploits1References1
cnvd
cnvd
added 2018/06/15 12:0 a.m.5 views

LibreSSL ROHNP Vulnerability

LibreSSL is a fork of the OpenSSL cryptographic software library developed by the OpenBSD project and an open source implementation of the Secure Sockets Layer SSL and Transport Layer Security TLS protocols. A security vulnerability exists in LibreSSL versions prior to 2.6.5 and 2.7.x prior to...

4.7CVSS4.7AI score0.00321EPSS
Exploits0References1
osv
osv
added 2018/06/13 11:29 p.m.3 views

DEBIAN-CVE-2018-0495

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the gcryeccecdsasign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. T...

4.7CVSS8.9AI score0.00887EPSS
Exploits1References1
cnvd
cnvd
added 2015/06/23 12:0 a.m.3 views

cURL and libcurl Information Disclosure Vulnerability

cURL/libcURL is a command line file transfer tool that supports FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE and LDAP. When cURL and libcurl reuse the curleasyreset connection handle to send requests to the same hostname, they are accompanied by the HTTP Basic authentication credentials of...

5CVSS7AI score0.0821EPSS
Exploits0References1
osv
osv
added 2015/06/22 7:59 p.m.3 views

DEBIAN-CVE-2015-3236

cURL and libcurl 7.40.0 through 7.42.1 send the HTTP Basic authentication credentials for a previous connection when reusing a reset curleasyreset connection handle to send a request to the same host name, which allows remote attackers to obtain sensitive information via unspecified vectors...

5CVSS6.9AI score0.0821EPSS
Exploits0References1
Rows per page
Query Builder