181 matches found
SUSE CVE-2022-37705
A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the...
wildfly-elytron: possible timing attacks via use of unsafe comparator
A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or...
PT-2023-13035 · Unknown · Wildfly Elytron
Name of the Vulnerable Software and Affected Versions: Wildfly-elytron affected versions not specified Description: A flaw was found in Wildfly-elytron, where it uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. This allows an attacker to access...
CVE-2021-39426
An issue was discovered in /Upload/admin/adminnotify.php in Seacms 11.4 allows attackers to execute arbitrary php code via the notify1 parameter when the action parameter equals set...
PT-2022-6814 · Unknown +1 · Openimageio +1
Name of the Vulnerable Software and Affected Versions: OpenImageIO version 2.4.4.2 Description: Multiple code execution vulnerabilities exist in the IFFOutput::close functionality of OpenImageIO. A specially crafted ImageOutput Object can lead to a heap buffer overflow. This issue arises when the...
GHSA-2QR7-8FP8-4XXR Caucho Quercus, as distributed in Resin, does not properly implement the `==` operator for comparisons
Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == equals sign equals sign operator for comparisons, which has unspecified impact and context-dependent attack vectors...
cifs-utils through 6.14 with verbose logging can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.
...
AZL-9588 CVE-2022-29869 affecting package cifs-utils for versions less than 6.14-2
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = equal sign characters but is not a valid credentials file...
CVE-2022-29869
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = equal sign characters but is not a valid credentials file...
cifs-utils 日志信息泄露漏洞
cifs-utils is a toolkit from the individual developer Pavel Shilovsky. It provides utilities for managing CIFS network file system installations. A security vulnerability exists in cifs-utils version 6.14 and earlier, which stems from an information leak when a file contains the = equals sign...
CVE-2022-27380
An issue in the component mydecimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service DoS via specially crafted SQL statements...
Fixed vulnerability in Wi-Fi SAE and EAP-wd implementations
A vulnerability has been fixed in implementations of the Simultaneous Authentication of Equals SAE and Extensible-Authentication-Protocol-EAP EAP-wd that are used in hostapd and wpasupplicant. The vulnerability enables a malicious party with the ability to execute code on the system to gain acces...
UBUNTU-CVE-2021-46348
There is an Assertion 'ECMASTRINGISREFEQUALSTOONE stringp' failed at /jerry-core/ecma/base/ecma-literal-storage.c in JerryScript 3.0.0...
AZL-7747 CVE-2022-23303 affecting package wpa_supplicant for versions less than 2.10-1
The implementations of SAE in hostapd before 2.10 and wpasupplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494...
PT-2022-5940 · Hostap +7 · Hostapd +7
Name of the Vulnerable Software and Affected Versions: hostapd versions prior to 2.10 wpa supplicant versions prior to 2.10 Description: The issue is related to an incomplete fix, resulting in side channel attacks due to cache access patterns. This allows an attacker to potentially disclose...
The vulnerability of the SAE implementation of the wpa_supplicant function for wireless communication devices with WPA certification lies in the fact that it exposes information, allowing attackers to gain access to confidential data.
The vulnerability of the SAE implementation of the wpasupplicant function for wireless communication devices with WPA certification is related to errors in timing and access patterns to the cache. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...
CVE-2021-41753
A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in D-Link DIR-X1560, v1.04B04, and DIR-X6060, v1.11B04 allows a remote unauthenticated attacker to disconnect a wireless client via sending specific spoofed SAE authentication frames...
UBUNTU-CVE-2021-38153
Some components in Apache Kafka use Arrays.equals to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0.0 or higher where this vulnerability has been...
OpenJDK: Unexpected exception raised by DerValue.equals() (Libraries, 8237736)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols ...
OpenJDK: Unexpected exception raised by DerValue.equals() (Libraries, 8237736)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols ...