Lucene search
K

4 matches found

Cvelist
Cvelist
added 2024/06/13 11:27 a.m.28 views

CVE-2024-34113 ColdFusion | Weak Cryptography for Passwords (CWE-261)

ColdFusion versions 2023u7, 2021u13 and earlier are affected by a Weak Cryptography for Passwords vulnerability that could result in a security feature bypass. This vulnerability arises due to the use of insufficiently strong cryptographic algorithms or flawed implementation that compromises the...

5.5CVSS0.00335EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.24 views

Oracle Linux 7 : cloud-init (ELSA-2020-3898)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-3898 advisory. - Resolves: bz1574338 CVE-2018-10896 cloud-init: SSH host keys are not regenerated for the new instances rhel-7 - Resolves: bz1812170 CVE-2020-8632...

7.1CVSS5.8AI score0.00438EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.27 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : cloud-init Multiple Vulnerabilities (NS-SA-2021-0151)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has cloud-init packages installed that are affected by multiple vulnerabilities: - The default cloud-init configuration, in cloud-init 0.6.2 and newer, included sshdeletekeys: 0, disabling cloud-init's deletion of ssh host keys...

7.1CVSS6.2AI score0.01403EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2020/02/24 12:0 a.m.34 views

Debian DLA-2113-1 : cloud-init security update

CVE-2020-8631 In cloud-init, relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because randstr in cloudinit/util.py calls the random.choice function. CVE-2020-8632 In cloud-init, randuserpassword in cloudinit/config/ccsetpasswords.py has a...

5.5CVSS6AI score0.00438EPSS
Exploits0References4
Rows per page
Query Builder