357 matches found
EUVD-2024-1035
Malicious code in bioql PyPI...
EUVD-2022-27520
Malicious code in bioql PyPI...
PT-2025-37997
Name of the Vulnerable Software and Affected Versions: psPAS PowerShell module versions prior to 7.0.209 Description: The psPAS PowerShell module does not enforce TLS 1.2 within the Get-PASSAMLResponse function during the SAML authentication process. This allows an unauthenticated attacker in a...
Linux Distros Unpatched Vulnerability : CVE-2018-16870
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to...
ARGOS: Anomaly Recognition and Guarding through O-RAN Sensing
Rogue Base Station RBS attacks, particularly those exploiting downgrade vulnerabilities, remain a persistent threat as 5G Standalone SA deployments are still limited and User Equipment UE manufacturers continue to support legacy network connectivity. This work introduces ARGOS, a comprehensive...
CVE-2024-47530
Scout is a web-based visualizer for VCF-files. Open redirect vulnerability allows performing phishing attacks on users by redirecting them to malicious page. /login API endpoint is vulnerable to open redirect attack via next parameter due to absence of sanitization logic. Additionally, due to lac...
CVE-2024-22258
Spring Authorization Server versions 1.0.0 - 1.0.5, 1.1.0 - 1.1.5, 1.2.0 - 1.2.2 and older unsupported versions are susceptible to a PKCE Downgrade Attack for Confidential Clients. Specifically, an application is vulnerable when a Confidential Client uses PKCE for the Authorization Code Grant. An...
CVE-2023-50714
yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth2 PKCE implementation is vulnerable in 2 ways. First, the authCodeVerifier should be removed after usage similar to authStat...
CVE-2022-20145
In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack. This could lead to remote escalation of privilege if a malicious Wi-Fi AP is used, with no additional execution privileges needed. User interaction is not needed for...
CVE-2021-25490
A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged process...
CVE-2021-21472
SAP Software Provisioning Manager 1.0 SAP NetWeaver Master Data Management Server 7.1 does not have an option to set password during its installation, this allows an authenticated attacker to perform various security attacks like Directory Traversal, Password Brute force Attack, SMB Relay attack,...
CVE-2021-1043
In TBD of TBD, there is a possible downgrade attack due to under utilized anti-rollback protections. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2019-20575
An issue was discovered on Samsung mobile devices with P9.0 software. The WPA3 handshake feature allows a downgrade or dictionary attack. The Samsung ID is SVE-2019-14204 August 2019...
@cloudflare/workers-oauth-provider PKCE bypass via downgrade attack
Summary PKCE was implemented in the OAuth implementation in workers-oauth-provider that is part of MCP framework. However, it was found that an attacker could cause the check to be skipped. Impact PKCE is a defense-in-depth mechanism against certain kinds of attacks and was an optional extension ...
GHSA-VH4H-FVQF-Q9WV Duplicate Advisory: @cloudflare/workers-oauth-provider PKCE bypass via downgrade attack
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-qgp8-v765-qxx9. This link is maintained to preserve external references. Original Description PKCE was implemented in the OAuth implementation in workers-oauth-provider that is part of MCP framework...
Duplicate Advisory: @cloudflare/workers-oauth-provider PKCE bypass via downgrade attack
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-qgp8-v765-qxx9. This link is maintained to preserve external references. Original Description PKCE was implemented in the OAuth implementation in workers-oauth-provider that is part of MCP framework...
CVE-2025-4144 PKCE bypass via downgrade attack
PKCE was implemented in the OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp . However, it was found that an attacker could cause the check to be skipped. Fixed in: https://github.com/cloudflare/workers-oauth-provider/pull/27...
CVE-2025-4144 PKCE bypass via downgrade attack
PKCE was implemented in the OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp . However, it was found that an attacker could cause the check to be skipped. Fixed in: https://github.com/cloudflare/workers-oauth-provider/pull/27...
TLS Downgrade Attack
github.com/refraction-networking/utls is vulnerable to TLS Downgrade Attack. The vulnerability is due to missing downgrade protection caused due to failure to implement and verify the downgrade canary in TLS 1.3 handshakes when using a custom ClientHello spec, allowing an attacker to force a...
SSH Prefix Truncation Vulnerability (Terrapin attack) on Citrix Applayering
SSH Prefix Truncation Vulnerability Terrapin attack on Citrix App Layering . Note: The Terrapin attack can reduce the security of SSH by using a downgrade attack via man-in-the-middle interception. The attack works by prefix truncation; the injection and deletion of messages during feature...