19 matches found
EUVD-2012-1073
Malware in sbrugna...
EUVD-2025-5281
Malicious code in bioql PyPI...
CVE-2012-1035
AdaCore Ada Web Services AWS before 2.10.2 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...
Linux Distros Unpatched Vulnerability : CVE-2024-55581
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of...
CVE-2024-55581
When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...
CVE-2024-55581
When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...
CVE-2024-55581
When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...
CVE-2024-55581
When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...
CVE-2024-55581
When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...
CVE-2024-55581
CVE-2024-55581 affects AdaCore Ada Web Server 25.0.0 when linked with GnuTLS, where AWS.Client defaults do not verify the HTTPS server certificate, enabling MITM attacks if TLS configuration is not explicitly set. Root cause: insecure defaults in AWS.Client with GnuTLS. Impact: potential compromi...
PT-2025-8751 · Adacore +2 · Ada Web Server +3
Name of the Vulnerable Software and Affected Versions: AdaCore Ada Web Server version 25.0.0 Description: The issue concerns a lack of verification of an HTTPS server's certificate in the default behaviour of AWS.Client when linked with GnuTLS, making it vulnerable to a man-in-the-middle attack...
CVE-2024-41708
An issue was discovered in AdaCore adawebservices 20.0 allows an attacker to escalate privileges and steal sessions via the RandomString function in the src/core/aws-utils.adb module...
CVE-2024-41708
An issue was discovered in AdaCore adawebservices 20.0 allows an attacker to escalate privileges and steal sessions via the RandomString function in the src/core/aws-utils.adb module...
CVE-2024-41708
An issue was discovered in AdaCore adawebservices 20.0 allows an attacker to escalate privileges and steal sessions via the RandomString function in the src/core/aws-utils.adb module...
AdaCore Security Advisory SA-2012-L119-003 Hash collisions in AWS
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AdaCore Security Advisory ========================= SA-2012-L119-003 Hash collisions in AWS Problem: Impacted versions of AWS store key/value pairs from submitted form data in hash tables using a hash function that has predictable collisions. As a...
CVE-2012-1035
AdaCore Ada Web Services AWS before 2.10.2 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...
Code injection
AdaCore Ada Web Services AWS before 2.10.2 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...
CVE-2012-1035
AdaCore Ada Web Services (AWS) before 2.10.2 is affected by a denial-of-service vulnerability where hash values for form parameters can be triggered to collide predictably, leading to CPU exhaustion under crafted input. The issue stems from how AWS computes hashes for form parameters and can be e...
CVE-2012-1035
AdaCore Ada Web Services AWS before 2.10.2 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...