2565 matches found
DEBIAN-CVE-2024-8796
Under the default configuration, Devise-Two-Factor versions = 2.2.0 & 6.0.0 generate TOTP shared secrets that are 120 bits instead of the 128-bit minimum defined by RFC 4226. Using a shared secret shorter than the minimum to generate a multi-factor authentication code could make it easier for an...
CVE-2024-8796 Insufficient Default OTP Shared Secret Length
Under the default configuration, Devise-Two-Factor versions = 2.2.0 & 6.0.0 generate TOTP shared secrets that are 120 bits instead of the 128-bit minimum defined by RFC 4226. Using a shared secret shorter than the minimum to generate a multi-factor authentication code could make it easier for an...
Devise-Two-Factor Security Vulnerability
Devise-Two-Factor is an open source, minimalist extension of Devise. It is used to provide support for two-factor authentication via TOTP schemes. A security vulnerability exists in Devise-Two-Factor versions 2.2.0 and earlier and 6.0.0 and earlier, which stems from an...
New Android Malware Ajina.Banker Steals 2FA Codes, Spreads via Telegram
A new Android malware called Trojan Ajina.Banker is targeting Central Asia - Discover how this malware disguises...
Expired OTP Usage
Keycloak is vulnerable to Expired OTP Usage. The vulnerability is due to OTP codes generated by FreeOTP remaining valid for an additional 30 seconds beyond their expiration time, increasing the attack window and surface by allowing two OTPs to be valid simultaneously...
GHSA-57RH-GR4V-J5F6 Duplicate Advisory: Keycloak Uses a Key Past its Expiration Date
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xmmm-jw76-q7vg. This link is maintained to preserve external references. Original Description A vulnerability was found in Keycloak. Expired OTP codes are still usable when using FreeOTP when the OTP token perio...
CVE-2024-7318 Keycloak-core: one time passcode (OTP) is valid longer than expiration time
A vulnerability was found in Keycloak. Expired OTP codes are still usable when using FreeOTP when the OTP token period is set to 30 seconds default. Instead of expiring and deemed unusable around 30 seconds in, the tokens are valid for an additional 30 seconds totaling 1 minute. A one time passco...
MAL-2024-12240 Malicious code in coffin-codes-2022 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6c58561bbec76769fed6ea31b26a57f72ff7242de59c7c6f297a14b56f9b547e So far, it looks like a legit tunneling software, but in tcp.py there is an attempt to send a strange email using gmail. Update: Identified as malicious by...
MAL-2024-12242 Malicious code in coffin-codes-net2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 694b0573155beac08991f19b534c13e193d82c520d5d0fd8c6733daf1de774ce So far, it looks like a legit tunneling software, but in tcp.py there is an attempt to send a strange email using gmail. Update: Identified as malicious by...
MAL-2024-12243 Malicious code in coffin-codes-pro (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 fa99dd73d11cc6b2756fb43cff1eb16f5f80b4ffd436dbfd635b8417f821c7ba So far, it looks like a legit tunneling software, but in tcp.py there is an attempt to send a strange email using gmail. Update: Identified as malicious by...
MAL-2024-12241 Malicious code in coffin-codes-net (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 df624a59b2cb5ef5cf295a7e63718bf7938250f59c5cda19bb6f43c40824e99b So far, it looks like a legit tunneling software, but in tcp.py there is an attempt to send a strange email using gmail. Update: Identified as malicious by...
CVE-2024-45300 Bypassing promo code limitations with race conditions
alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5, a race condition allows the user to bypass the limit on the number of promo codes and use the discount coupon multiple times. In "alf.io", an event organizer can apply...
New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials
Cybersecurity researchers are calling attention to a new QR code phishing aka quishing campaign that leverages Microsoft Sway infrastructure to host fake pages, once again highlighting the abuse of legitimate cloud offerings for malicious purposes. "By using legitimate cloud applications, attacke...
GO-2022-0964 SFTPGo vulnerable to recovery codes abuse in github.com/drakkan/sftpgo
SFTPGo vulnerable to recovery codes abuse in github.com/drakkan/sftpgo...