2241 matches found

NVD
added 2024/06/16 1:15 p.m. | 20 views

CVE-2024-38443

C/sorting/binaryinsertionsort.c in The Algorithms - C through e5dad3f has a segmentation fault for deep recursion, which may affect common use cases such as sorting an array of 50 elements...

CVSS 6.2 | EPSS 0.0016
Exploits: 0 | References: 1

Vulnrichment
added 2024/06/16 12:00 a.m. | 9 views

CVE-2024-38443

C/sorting/binaryinsertionsort.c in The Algorithms - C through e5dad3f has a segmentation fault for deep recursion, which may affect common use cases such as sorting an array of 50 elements...

AI score 7 | EPSS 0.0016
Exploits: 0 | References: 1

CNNVD
added 2024/06/16 12:00 a.m. | 2 views

The Algorithms security vulnerability

The Algorithms is an open-source library: a collection of open-source implementations of various algorithms. A security vulnerability exists in The Algorithms that stems from a segmentation fault caused by deep recursion...

CVSS 6.2 | AI score 6.8 | EPSS 0.0016
Exploits: 0 | References: 2

CVE
added 2024/06/13 11:27 a.m. | 62 views

CVE-2024-34113

Adobe ColdFusion is affected by CVE-2024-34113 (Weak Cryptography for Passwords) affecting ColdFusion 2023u7, 2021u13 and earlier. The issue stems from insufficiently strong cryptographic algorithms or flawed implementation used for password protection, enabling potential decryption or guessing o...

CVSS 5.5 | AI score 5.8 | EPSS 0.00335
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2024/06/13 11:27 a.m. | 20 views

CVE-2024-34113 ColdFusion | Weak Cryptography for Passwords (CWE-261)

ColdFusion versions 2023u7, 2021u13 and earlier are affected by a Weak Cryptography for Passwords vulnerability that could result in a security feature bypass. This vulnerability arises due to the use of insufficiently strong cryptographic algorithms or flawed implementation that compromises the...

CVSS 5.5 | EPSS 0.00335
Exploits: 0 | References: 1

CVE
added 2024/06/10 12:47 p.m. | 73 views

CVE-2024-36405

CVE-2024-36405 affects the liboqs reference Kyber KEM implementation. A control-flow timing leak arises when the Kyber KEM is compiled with Clang 15–18 under certain options (including -Os and -O1), enabling a local attacker to measure decapsulation timings and recover the entire ML-KEM 512 secre...

CVSS 7.5 | AI score 5.7 | EPSS 0.00515
Exploits: 0 | References: 4 | Affected Software: 1

Tenable Nessus
added 2024/06/07 12:00 a.m. | 37 views

OpenSSL 1.0.2 < 1.0.2zc Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.0.2zc. It is, therefore, affected by a vulnerability as referenced in the 1.0.2zc advisory. - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS...

CVSS 5.9 | AI score 6.7 | EPSS 0.83645
Exploits: 1 | References: 4

Tenable Nessus
added 2024/06/07 12:00 a.m. | 31 views

OpenSSL 0.9.6 < 0.9.6j Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 0.9.6j. It is, therefore, affected by multiple vulnerabilities as referenced in the 0.9.6j advisory. - The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA...

CVSS 7.5 | AI score 8.2 | EPSS 0.06393
Exploits: 0 | References: 6

OpenVAS
added 2024/06/07 12:00 a.m. | 8 views

Fedora: Security Advisory for rust-rpick (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the...

AI score 7.5
Exploits: 0 | References: 2

Cvelist
added 2024/06/06 12:54 p.m. | 33 views

CVE-2024-5684 ID Charger Connect & Pro - JWT-Null-Algorithm

An attacker with access to the private network the charger is connected to or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would...

CVSS 6.3 | AI score 6.5 | EPSS 0.00188
Exploits: 0 | References: 1

OSV
added 2024/06/05 4:56 p.m. | 23 views

GHSA-C74F-6MFW-MM4V Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC

Summary: An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. Details: The OpenTelemetry Collector handles compressed HTTP requests by recognizing the Content-Encoding header, rewriting the HTTP request body, and allowing...

CVSS 8.2 | AI score 7.7 | EPSS 0.00994
Exploits: 1 | References: 7

OSV
added 2024/06/05 3:10 p.m. | 22 views

GO-2024-2877 ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

CVSS 9 | AI score 8.9 | EPSS 0.01479
Exploits: 2 | References: 10

Fedora
added 2024/06/02 3:39 a.m. | 15 views

[SECURITY] Fedora 39 Update: rust-rpick-0.9.0-3.fc39

Helps you pick items from a list by various algorithms. Example uses: pick a restaurant you haven't been to in a while, or an album to listen to...

AI score 7.2
Exploits: 0

Fedora
added 2024/06/02 3:39 a.m. | 14 views

[SECURITY] Fedora 39 Update: rust-libcramjam-0.3.0-3.fc39

Compression library combining a plethora of algorithms in a similar as possible API...

AI score 7.3
Exploits: 0

BDU FSTEC
added 2024/05/29 12:00 a.m. | 1 view

A vulnerability in the application programming interface of the Delinea Secret Server management software allows an attacker to bypass the authentication process.

The vulnerability in the application programming interface of the Delinea Secret Server management software relates to the use of cryptographic algorithms with a hard-coded encryption key. Exploiting this vulnerability could allow a malicious actor to bypass authentication procedures...

CVSS 9 | AI score 5.4 | EPSS 0.01049
Exploits: 1 | References: 6 | Affected Software: 1

Schneier on Security
added 2024/05/28 11:09 a.m. | 34 views

Lattice-Based Cryptosystems and Quantum Cryptanalysis

Quantum computers are probably coming, though we don't know when--and when they arrive, they will, most likely, be able to break our standard public-key cryptography algorithms. In anticipation of this possibility, cryptographers have been working on quantum-resistant public-key algorithms. The...

AI score 7.2
Exploits: 0

Fedora
added 2024/05/26 1:29 a.m. | 9 views

[SECURITY] Fedora 40 Update: rust-rpick-0.9.0-3.fc40

Helps you pick items from a list by various algorithms. Example uses: pick a restaurant you haven't been to in a while, or an album to listen to...

AI score 7.2
Exploits: 0

Fedora
added 2024/05/26 1:29 a.m. | 14 views

[SECURITY] Fedora 40 Update: rust-libcramjam-0.3.0-3.fc40

Compression library combining a plethora of algorithms in a similar as possible API...

AI score 7.3
Exploits: 0

Redos
added 2024/05/24 12:00 a.m. | 20 views

ROS-20240424-02

A vulnerability in the Libraries component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to a flaw in the authorization procedure. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected informatio...

CVSS 7.5 | AI score 6.5 | EPSS 0.14957
Exploits: 0

Veracode
added 2024/05/22 7:16 a.m. | 5 views

Authentication Bypass

namshi/jose is vulnerable to Authentication Bypass. The vulnerability is due to improper signature validation which permits tokens signed with 'none' algorithms to be processed, effectively allowing authentication to bypass signature validation...

AI score 7.4
Exploits: 0