Siemens Simcenter STAR-CCM+
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Simcenter STAR-CCM+ Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Simcenter STAR-CCM+ contains an information disclosure vulnerability...
GHSA-7942-2FX8-QHPF Raneto v0.17.0 employs weak password complexity requirements
Raneto v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks. Version 0.17.1 contains security mitigations for this and other vulnerabilities...
CVE-2022-35143
Raneto v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks...
CVE-2022-35143
Concrete details found: Raneto v0.17.0 is affected by weak password complexity requirements that enable brute-force password cracking. Red Hat CVE entries corroborate the issue for Raneto v0.17.0. The scope includes the core software and its auth flow; impact is high confidentiality, integrity, a...
PT-2022-22597 · Raneto · Raneto
Name of the Vulnerable Software and Affected Versions: Raneto version 0.17.0 Description: The issue is related to weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks. Recommendations: For version 0.17.0, update to version 0.17.1, which contain...
Regular Expression Denial Of Service (ReDoS)
v8n is vulnerable to regular expression denial of service. The vulnerability exists in the availableRules.lowercase function in v8n.js due to the lack of complexity in the regex which allows an attacker to crash the application by providing malicious input...
CVE-2022-35923 Inefficient Regular Expression Complexity in v8n
v8n is a JavaScript validation library. Versions of v8n prior to 1.5.1 were found to have an inefficient regular expression complexity in the lowercase and uppercase regex which could lead to a denial of service attack. In testing of the lowercase function a payload of 'a' + 'a'.repeat(i) + 'A' wit...
Regular Expression Denial Of Service (ReDoS)
Node-fetch is vulnerable to denial of service. The vulnerability lies in the referrer field in the fetch function, leading to inefficient Regular Expression Complexity. If an attacker is able to use a large character string in the referrer field, the program will either hang or crash...
CVE-2022-2596
Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10...
CVE-2022-2596 Inefficient Regular Expression Complexity in node-fetch/node-fetch
Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10...
Fedora: Security Advisory for golang-github-nbutton23-zxcvbn (FEDORA-2022-37aef44d1e)
The remote host is missing an update for the...
[SECURITY] Fedora 36 Update: golang-github-nbutton23-zxcvbn-0.1-9.20210110gite56b841.fc36
Zxcvbn password complexity algorithm in golang...
Taking the Risk-Based Approach to Vulnerability Patching
Software vulnerabilities are a major threat to organizations today. The cost of these threats is significant, both financially and in terms of reputation. Vulnerability management and patching can easily get out of hand when the number of vulnerabilities in your organization is in the hundreds of...
ICONICS Suite and Mitsubishi Electric MC Works64 Products (Update C)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Low attack complexity Vendors: ICONICS, Mitsubishi Electric Equipment: ICONICS Product Suite, MC Works64 Vulnerabilities: Path Traversal, Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere, Out-of-Bounds Read 2...
CVE-2022-2142
The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose information...
SQL injection
The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose information...