5314 matches found

Veracode
added 2020/12/15 4:25 p.m. | 34 views

Information Disclosure

OpenSSH is vulnerable to information disclosure. An attacker is able to conduct a man-in-the-middle attack on initial connection attempts due to an observable discrepancy in the algorithm negotiation...

CVSS 5.9 | AI score 2.4 | EPSS 0.02057
Exploits: 2 | References: 9 | Affected Software: 1

Zero Day Initiative
added 2020/12/15 12:00 a.m. | 24 views

(0Day) D-Link DCS-960L HNAP LoginPassword Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DCS-960L Wi-Fi cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from...

CVSS 8.8 | AI score 1.7
Exploits: 0

Tenable Nessus
added 2020/12/14 12:00 a.m. | 24 views

FreeBSD : glpi -- weak csrf tokens (b64edef7-3b10-11eb-af2a-080027dbe4b7)

MITRE Corporation reports: In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD5 which does not provide secure values. This is fixed in version 9.4.6. (C) Tenable Network Security, Inc. The...

CVSS 9.3 | AI score 8.2 | EPSS 0.00782
Exploits: 0 | References: 5

Veracode
added 2020/12/11 9:20 a.m. | 32 views

Remote Code Execution (RCE)

krfb is vulnerable to remote code execution. The vulnerability is possible due to an integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2...

CVSS 8.8 | AI score 4.8 | EPSS 0.05315
Exploits: 1 | References: 3 | Affected Software: 5

Fedora
added 2020/12/10 1:27 a.m. | 21 views

[SECURITY] Fedora 32 Update: python-signedjson-1.1.1-3.fc32

Features: More than one entity can sign the same object. Each entity can sign the object with more than one key, making it easier to rotate keys. ED25519 can be replaced with a different algorithm. Unprotected data can be added to the object under the "unsigned" key...

CVSS 7.5 | AI score 2 | EPSS 0.02967
Exploits: 0

Prion
added 2020/12/10 12:15 a.m. | 19 views

Design/Logic Flaw

Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server and Sensor prior to 4.8.0 in the form of a SHA1 signed certificate that would allow an attacker on the same local network to potentially intercept communication between the Server and Sensors...

CVSS 5.8 | AI score 6.2 | EPSS 0.00172
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2020/12/09 11:15 p.m. | 33 views

CVE-2020-7339 Database Security(DBS)-Use of a Broken or Risky Cryptographic Algorithm

Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server and Sensor prior to 4.8.0 in the form of a SHA1 signed certificate that would allow an attacker on the same local network to potentially intercept communication between the Server and Sensors...

CVSS 6.3 | AI score 6.3 | EPSS 0.00172
Exploits: 0 | References: 1

CVE
added 2020/12/09 11:15 p.m. | 62 views

CVE-2020-7339

CVE-2020-7339 affects McAfee Database Security Server and Sensor prior to version 4.8.0. The vulnerability stems from the use of SHA-1 signed certificates, enabling an attacker on the same local network to potentially intercept communication between the Server and Sensors. Publicly available conn...

CVSS 6.3 | AI score 6.2 | EPSS 0.00172
Exploits: 0 | References: 1 | Affected Software: 1

Kitploit
added 2020/12/09 11:30 a.m. | 140 views

Depix - Recovers Passwords From Pixelized Screenshots

Depix is a tool for recovering passwords from pixelized screenshots. This implementation works on pixelized images that were created with a linear box filter. In this article I cover background information on pixelization and similar research. Example python depix.py -p...

AI score 7
Exploits: 0 | References: 1

0day.today
added 2020/12/09 12:00 a.m. | 47 views

Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption Exploit

Exploit Title: Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption Exploit Author: Tess Sluijter Vendor Homepage: https://www.tibco.com Version: 5.11x and before Tested on: MacOS, Linux, Windows Tibco password decryption exploit Background Tibco's documentation states that there are thre...

AI score 7.4
Exploits: 0

CNNVD
added 2020/12/09 12:00 a.m. | 6 views

McAfee Database Security Server and Sensor Encryption Issue Vulnerability

McAfee Database Security Server and McAfee Database Security Sensor are both products of McAfee Corporation, China. McAfee Database Security Server is a database security software. McAfee Database Security Server is a database security software that provides users with an overall view of the...

CVSS 6.3 | AI score 6.6 | EPSS 0.00172
Exploits: 0 | References: 3

Tenable Nessus
added 2020/12/09 12:00 a.m. | 47 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : bind Multiple Vulnerabilities (NS-SA-2020-0095)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has bind packages installed that are affected by multiple vulnerabilities: - managed-keys is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in...

CVSS 7.5 | AI score 6.3 | EPSS 0.04022
Exploits: 0 | References: 4

Veracode
added 2020/12/06 3:35 a.m. | 28 views

Denial Of Service (DoS)

ntpd is vulnerable to denial of service. A remote attacker is able to cause a denial of service through memory consumption by sending malicious packets, due to memory not being freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file...

CVSS 4.9 | AI score 3.7 | EPSS 0.03357
Exploits: 0 | References: 9 | Affected Software: 1

OSV
added 2020/12/04 4:47 p.m. | 12 views

GHSA-4FJV-PMHG-3RFG Multiple cryptographic issues in Python oic

Impact: Client implementations using this library. Issues: 1) The IdToken signature algorithm was not checked automatically, but only if the expected algorithm was passed in as a kwarg. 2) JWA none algorithm was allowed in all flows. 3) oic.consumer.Consumer.parse_authz returns an unverified IdToken. Th...

CVSS 7.6 | AI score 6.4 | EPSS 0.00815
Exploits: 0 | References: 7

GitHub Security Blog
added 2020/12/04 4:47 p.m. | 58 views

Multiple cryptographic issues in Python oic

Impact: Client implementations using this library. Issues: 1) The IdToken signature algorithm was not checked automatically, but only if the expected algorithm was passed in as a kwarg. 2) JWA none algorithm was allowed in all flows. 3) oic.consumer.Consumer.parse_authz returns an unverified IdToken. Th...

CVSS 6.8 | AI score 2.8 | EPSS 0.00815
Exploits: 0 | References: 7 | Affected Software: 1

Veracode
added 2020/12/03 2:58 a.m. | 18 views

Cipher Downgrade Attack

oic is vulnerable to cipher downgrade attacks. The vulnerability exists as the IdToken signature algorithm is not checked automatically, and that the JWA none algorithm is always allowed, and that the IdToken returned from oic.consumer.Consumer.parse_authz is not verified, and the iat claim is not...

CVSS 6.8 | AI score 4 | EPSS 0.00815
Exploits: 0 | References: 4 | Affected Software: 1

Prion
added 2020/12/02 8:15 p.m. | 17 views

Design/Logic Flaw

Python oic is a Python OpenID Connect implementation. In Python oic before version 1.2.1, there are several related cryptographic issues affecting client implementations that use the library. The issues are: 1) The IdToken signature algorithm was not checked automatically, but only if the expected...

CVSS 4.9 | AI score 6.5 | EPSS 0.00815
Exploits: 0 | References: 4 | Affected Software: 1

PyPA
added 2020/12/02 8:15 p.m. | 5 views

PYSEC-2020-69

Python oic is a Python OpenID Connect implementation. In Python oic before version 1.2.1, there are several related cryptographic issues affecting client implementations that use the library. The issues are: 1) The IdToken signature algorithm was not checked automatically, but only if the expected...

CVSS 6.8 | AI score 6.9 | EPSS 0.00815
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2020/12/02 8:15 p.m. | 36 views

PYSEC-2020-69

Python oic is a Python OpenID Connect implementation. In Python oic before version 1.2.1, there are several related cryptographic issues affecting client implementations that use the library. The issues are: 1) The IdToken signature algorithm was not checked automatically, but only if the expected...

CVSS 6.8 | AI score 3.9 | EPSS 0.00815
Exploits: 0 | References: 4

OSV
added 2020/12/02 8:59 a.m. | 3 views

SUSE-SU-2020:3591-1 Security update for java-1_8_0-openjdk

This update for java-1_8_0-openjdk fixes the following issues: - Update to version jdk8u275 icedtea 3.17.1 JDK-8214440, bsc1179441: Fix StartTLS functionality that was broken in openjdk272. bsc1179441 JDK-8223940: Private key not supported by chosen signature algorithm JDK-8236512: PKCS11 Connectio...

AI score 7.2
Exploits: 0 | References: 2