1555 matches found
Netease Youtao Dictionary PC version suffers from dll hijacking vulnerability (CNVD-2020-73477)
Netease Yudao Dictionary is a multi-language translation software. A dll hijacking vulnerability exists in Netease Youdao Dictionary for PC. An attacker can exploit this vulnerability to execute malicious code...
CVE-2020-28214
A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 all references, all versions, that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictab...
Code injection
A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 all references, all versions, that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictab...
CVE-2020-28214
A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 all references, all versions, that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictab...
CVE-2020-28214
A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 all references, all versions, that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictab...
deepref to security vulnerabilities
Isaymatato Deepref is a JS-written codebase for interacting with dictionary-type data by the individual developer Isaymatato. A security vulnerability exists in deepref versions 1.1.1 through 1.2.1, which stems from a prototype contamination vulnerability in allows an attacker to exploit the...
There is a dll hijacking vulnerability in Youdao Dictionary pc side
Youdao Dictionary is the world's first all-around free language translation software based on search engine technology produced by NetEase Youdao. A dll hijacking vulnerability exists in Youdao Dictionary pc, which can be exploited by attackers to gain control of the server...
Netease Youdao Dictionary PC version suffers from dll hijacking vulnerability
Netease Yudao Dictionary is a multi-language translation software. A dll hijacking vulnerability exists in Netease Youtao Dictionary for PC. An attacker can exploit this vulnerability to execute malicious code...
UBUNTU-CVE-2020-28924
An issue was discovered in Rclone before 1.53.3. Due to the use of a weak random number generator, the password generator has been producing weak passwords with much less entropy than advertised. The suggested passwords depend deterministically on the time the second rclone was started. This limi...
PT-2020-17057 · Rclone +2 · Rclone +2
Name of the Vulnerable Software and Affected Versions: Rclone versions prior to 1.53.3 Description: An issue was discovered due to the use of a weak random number generator, resulting in the password generator producing weak passwords with much less entropy than advertised. The suggested password...
CVE-2020-26933
Trusted Computing Group TCG Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USEDAUSED. Improper initialization of this shut-down may result in susceptibility to a dictionary atta...
CVE-2020-26933
Trusted Computing Group TCG Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USEDAUSED. Improper initialization of this shut-down may result in susceptibility to a dictionary atta...
Design/Logic Flaw
Trusted Computing Group TCG Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USEDAUSED. Improper initialization of this shut-down may result in susceptibility to a dictionary atta...
CVE-2020-26933
CVE-2020-26933 concerns the Trusted Computing Group TPM Library Family 2.0 (library revisions 1.38–1.59). The issue is an Incorrect Access Control during a non-orderly TPM shut-down that uses USE_DA_USED, where improper initialization may render the TPM vulnerable to a dictionary attack. The core...
CVE-2020-26933
Trusted Computing Group TCG Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USEDAUSED. Improper initialization of this shut-down may result in susceptibility to a dictionary atta...
Trusted Computing Group Trusted Platform Module Security Vulnerability
Trusted Computing Group Trusted Platform Module TPM is a chip that is planted inside a computer to provide a trusted root for the computer, organized by the Trusted Computing Group. The chip was developed by the Trusted Computing Group TCG to effectively protect PCs from unauthorized access. A...
Oracle Linux 7 : python3 (ELSA-2020-5010)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5010 advisory. - Avoid infinite loop when reading specially crafted TAR files CVE-2019-20907 Resolves: rhbz1856481 Tenable has extracted the preceding description blo...
python: DoS via inefficiency in IPv{4,6}Interface classes
A vulnerability was found in the way the ipaddress python module computes hash values in the IPv4Interface and IPv6Interface classes. This flaw allows an attacker to create many dictionary entries, due to the performance of a dictionary containing the IPv4Interface or IPv6Interface objects,...
EulerOS 2.0 SP9 : python-ipaddress (EulerOS-SA-2020-2438)
According to the version of the python-ipaddress package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow...
python: DoS via inefficiency in IPv{4,6}Interface classes
A vulnerability was found in the way the ipaddress python module computes hash values in the IPv4Interface and IPv6Interface classes. This flaw allows an attacker to create many dictionary entries, due to the performance of a dictionary containing the IPv4Interface or IPv6Interface objects,...