Design/Logic Flaw

The NSS code used for checking PKCS1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks. Both the overall correctness of the padding as well as the length of the encrypted message was leaking through timing side-channel. By sending large number of attacker-selected...

The vulnerability of the EC key verification library in the Math cryptographic security module of Bouncy Castle allows a perpetrator to gain unauthorized access to the protected information.

The vulnerability of the EC key verification library in the Bouncy Castle cryptographic security framework is related to synchronization errors that occur when using a shared resource for processing deterministic digital signatures of the ECDSA type. Exploiting this vulnerability could allow an...

Ubuntu 16.04 ESM / 18.04 ESM : ntopng vulnerability (USN-4842-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4842-1 advisory. It was discovered that ntopng did not properly seed its random number generator, leading to predictable session tokens. An attacker could use this...

Deterministic proxy contract address with a hard-coded salt enables token theft.

Lines of code Vulnerability details Impact The retrieveProxyContractAddress function calculates the address of the proxy contract deterministically based only on the delegate address. An attacker could pre-compute proxy contract addresses for target delegates and steal tokens by transferring to...

Possibility of security vulnerabilities introduced by creating ERC20ProxyDelegator instances on the fly using static salt values

Lines of code Vulnerability details Impact Security risks associated with deploying proxy contracts via deterministic addresses that can be easily calculated. In deployProxyDelegatorIfNeeded, in the case that extcodesizeproxyAddress == 0, then a proxy contract is instantiated ad hoc via new...

SUSE-SU-2023:3665-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2023-29469: Fixed not deterministic hashing of empty dict strings bsc1210412. - CVE-2023-28484: Fixed NULL dereference in xmlSchemaFixupComplexType bsc1210411. - CVE-2023-39615: Fixed crafted xml can cause global buffer overflow bsc1214768...

Authorization Bypass

github.com/openfga/openfga is vulnerable to Authorization Bypass. The vulnerability exists because the number of objects returned with the ListObjects API are non-deterministic which allows an attacker to access unauthorized objects if the model contains expressions of type rel1 from type1...

Oracle Linux 8 : libxml2 (ELSA-2023-4529)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-4529 advisory. - Fix CVE-2023-28484 2185994 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...

libxml2: Hashing of empty dict strings isn't deterministic

A flaw was found in libxml2. This issue occurs when hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce inconsistent results, which may lead to various logic or memory errors, including double free errors...

CVE-2023-3470

Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account. The predictable nature of the password allows an authenticated user with TMSH access to the BIG-IP system, or anyone with physical access to the FIPS HSM, the information...

CVE-2023-3470

Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account. The predictable nature of the password allows an authenticated user with TMSH access to the BIG-IP system, or anyone with physical access to the FIPS HSM, the information...

CVE-2023-3470 BIG-IP FIPS HSM password vulnerability CVE-2023-3470

Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account. The predictable nature of the password allows an authenticated user with TMSH access to the BIG-IP system, or anyone with physical access to the FIPS HSM, the information...

CVE-2023-3470 BIG-IP FIPS HSM password vulnerability CVE-2023-3470

Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account. The predictable nature of the password allows an authenticated user with TMSH access to the BIG-IP system, or anyone with physical access to the FIPS HSM, the information...

AlmaLinux 9 : libxml2 (ALSA-2023:4349)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4349 advisory. - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in...

EulerOS Virtualization 2.10.1 : libxml2 (EulerOS-SA-2023-2544)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a...

EulerOS Virtualization 2.10.0 : libxml2 (EulerOS-SA-2023-2563)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a...

PT-2023-24981 · F5 · F5 Big-Ip

Name of the Vulnerable Software and Affected Versions: F5 BIG-IP versions affected versions not specified Description: The issue concerns F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards, which generate a deterministic password for the Crypto User account. This predictable password allows an...

MTE As Implemented, Part 2: Mitigation Case Studies

By Mark Brand, Project Zero Background In 2018, in the v8.5a version of the ARM architecture, ARM proposed a hardware implementation of tagged memory, referred to as MTE Memory Tagging Extensions. In Part 1 we discussed testing the technical and implementation limitations of MTE on the hardware...

Moderate: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2527)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...