1555 matches found
Zip Cracker - Python Script To Crack Zip Password With Dictionary Attack And Also Use Crunch As Pipeline
This Script Supports Only Zip File in This Version You Can Also Use This Script With crunch Cross-platform Supported Usage: zipcracker.py options Options: --version show program's version number and exit -h, --help show this help message and exit -f FILENAME, --file=FILENAME Please Specify Path o...
Python Resource Management Error Vulnerability (CNVD-2020-52841)
Python is an open source, object-oriented programming language from the Python Software Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in the IPv4Interface and IPv6Interface of the Lib/ipaddress.py file in...
CVE-2020-14422
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface...
CVE-2020-14422
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface...
Design/Logic Flaw
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface...
CVE-2020-14422
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface...
GHSA-2PPP-9496-P23Q Insufficient Entropy in Spring Security
Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has...
Insufficient Entropy in Spring Security
Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has...
CVE-2020-13814
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It has a use-after-free via a document that lacks a dictionary...
CVE-2020-13814
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It has a use-after-free via a document that lacks a dictionary...
Design/Logic Flaw
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It has a use-after-free via a document that lacks a dictionary...
CVE-2020-13814
Foxit Reader and PhantomPDF are affected by CVE-2020-13814. Before version 9.7.1, a use-after-free can occur in a document that lacks a dictionary, leading to potential memory-related impact. The NVD/NVD-derived record indicates a high-severity issue with exploitation potential via network access...
CVE-2020-13814
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It has a use-after-free via a document that lacks a dictionary...
CVE-2020-13814
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It has a use-after-free via a document that lacks a dictionary...
Information Disclosure
spring-security-core is vulnerable to Information Disclosure. The vulnerability exists as it uses a fixed null initialization vector with CBC Mode for the queryable text encryptor rather than handling the null value passed to the function BCryptPasswordEncoder.encode, thereby allowing a user with...
Spring Security Security Feature Issue Vulnerability
Spring Security, formerly known as Acegi Security , is a framework used by the Spring project team to provide secure authentication services. A security signature issue vulnerability exists in Spring Security. An attacker can exploit this vulnerability to obtain unencrypted values with the help o...
CVE-2020-5408
Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has...
CVE-2020-5408
CVE-2020-5408 (IBM) affects IBM Sterling Connect:Direct Web Services. A fixed null initialization vector in CBC mode for the queryable text encryptor may allow a dictionary attack to derive unencrypted values, exposing sensitive information. Remediation is via upgrading to supported fixes: IBM St...
CVE-2020-5408 Dictionary attack with Spring Security queryable text encryptor
Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has...
freeradius: eap-pwd: Information leak due to aborting when needing more than 10 iterations
An information leak was discovered in the implementation of EAP-pwd in freeradius. An attacker could initiate several EAP-pwd handshakes to leak information, which can then be used to recover the user's WiFi password by performing dictionary and brute-force attacks...