Lucene search
+L

4 matches found

Snyk
Snyk
added 2026/04/16 9:10 p.m.13 views

Timing Attack

Overview mojic is an Obfuscate C source code into encrypted, password-seeded emoji streams. Affected versions of this package are vulnerable to Timing Attack in the getDecryptStream process. An attacker can bypass file integrity checks by exploiting timing discrepancies in the HMAC verification,...

5.7CVSS6AI score0.00108EPSS
Exploits0References2
OSV
OSV
added 2024/07/17 9:30 a.m.9 views

GHSA-5V69-92VW-FMJH Apache StreamPark: maven build params could trigger remote command execution

In streampark, the project module integrates Maven's compilation capabilities. The input parameter validation is not strict, allowing attackers to insert commands for remote command execution, The prerequisite for a successful attack is that the user needs to log in to the streampark system and...

4.7CVSS5.3AI score0.01117EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/09/25 12:0 a.m.10 views

PT-2023-28663 · WordPress · Import Xml/Rss Feeds

Name of the Vulnerable Software and Affected Versions: Import XML and RSS Feeds WordPress plugin versions prior to 2.1.4 Description: The issue allows an attacker to upload a malicious PHP file due to a lack of file extension filtering for uploaded files, leading to Remote Code Execution...

7.2CVSS7.8AI score0.01698EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2012/07/17 12:0 a.m.4 views

PT-2012-2878 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 2.1.x through 2.1.3 Moodle versions 2.2.x through 2.2.0 Description: The issue in lib/formslib.php does not properly handle multiple instances of a form element. This has unspecified impact and remote attack vectors...

7.5CVSS6.3AI score0.01308EPSS
Exploits0References5
Rows per page
Query Builder