733 matches found
[SECURITY] Fedora 41 Update: php-phpseclib-2.0.48-1.fc41
MIT-licensed pure-PHP implementations of an arbitrary-precision integer arithmetic library, fully PKCS1 v2.1 compliant RSA, DES, 3DES, RC4, Rijndael, AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509...
easy-rsa 加密问题漏洞
easy-rsa is a simple shell-based CA utility from the OpenVPN open source. A security vulnerability exists in easy-rsa versions 3.0.5 through 3.1.7, which stems from the fact that when creating a password-protected CA private key using the easyrsa build-ca command, Easy-RSA incorrectly uses the...
Use of insecure cryptographic algorithms
This crate uses a number of cryptographic algorithms that are no longer considered secure and it uses them in ways that do not guarantee the integrity of the encrypted data. MagicCrypt64 uses the insecure DES block cipher in CBC mode without authentication. This allows for practical brute force a...
Friday Squid Blogging: Squid-A-Rama in Des Moines
Squid-A-Rama will be in Des Moines at the end of the month. Visitors will be able to dissect squid, explore fascinating facts about the species, and witness a live squid release conducted by local divers. How are they doing a live squid release? Simple: this is Des Moines, Washington; not Des...
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application possibly resulting in a denial of service (DoS) attack.
...
NewStart CGSL MAIN 6.02 : libssh Multiple Vulnerabilities (NS-SA-2024-0052)
The remote NewStart CGSL host, running version MAIN 6.02, has libssh packages installed that are affected by multiple vulnerabilities: - The RANDbytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator PRNG,...
GO-2024-2441 The DES/3DES cipher was used as part of the TLS protocol by installation tools in github.com/karmada-io/karmada
The DES/3DES cipher was used as part of the TLS protocol by installation tools in github.com/karmada-io/karmada...
MAL-2024-2196 Malicious code in down_load_ebook_lionheart_im_dienste_des_lowen_by_ben_kane_dietmar_schmidt_hu2ti (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in down_load_ebook_das_spiel_des_lebens_und_wie_man_es_spielt_by_florence_scovel_shinn_katrine_hutterer_0k3sy (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2170 Malicious code in down_load_ebook_das_spiel_des_lebens_und_wie_man_es_spielt_by_florence_scovel_shinn_katrine_hutterer_0k3sy (npm)
--- -= Per source details. Do not edit below this line.=-...
PT-2024-10335 · Openssl +2 · Openssl +2
Name of the Vulnerable Software and Affected Versions: Easy-RSA versions 3.0.5 through 3.1.7 Description: The issue is related to a weak encryption algorithm used in Easy-RSA, specifically the cipher:des-ede3-cbc algorithm, which allows a local attacker to more easily bruteforce the private CA ke...
comm-des-entrepreneurs.fr Cross Site Scripting vulnerability OBB-3915469
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
nuitdesetudiantsdumonde.org Cross Site Scripting vulnerability OBB-3908020
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
la-danse-des-casseroles.com Cross Site Scripting vulnerability OBB-3907441
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
saint-andre-des-eaux.fr Cross Site Scripting vulnerability OBB-3859058
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
GHSA-7XM8-WJQ7-88R5 DeviceFarmer stf uses DES-ECB
DeviceFarmer stf v3.6.6 suffers from Use of a Broken or Risky Cryptographic Algorithm...
la-rose-des-vents.com Cross Site Scripting vulnerability OBB-3838136
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
medecine-des-arts.com Cross Site Scripting vulnerability OBB-3831936
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
syndicat-des-taxis-marseillais.fr Improper Access Control vulnerability OBB-3831581
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
camping-fleurs-des-champs.fr Improper Access Control vulnerability OBB-3824269
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...