
21 matches found

Tenable Nessus
added 2026/03/06 12:0 a.m. | 1 views

NewStart CGSL MAIN 6.06 (SP) : ruby Multiple Vulnerabilities (NS-SA-2026-0023)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has ruby packages installed that are affected by multiple vulnerabilities: - CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks...

CVSS 7.8 | AI score 6 | EPSS 0.0194
Exploits 3 | References 7

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2012-2719

Malware in sbrugna...

CVSS 5 | AI score 6.9 | EPSS 0.00936
Exploits 1 | References 10

CNNVD
added 2025/07/18 12:0 a.m. | 1 views

Node.js Security Vulnerability

Node.js is an open source, cross-platform JavaScript runtime environment from the Node.js open source. A security vulnerability exists in Node.js version v24.x, which stems from an improper implementation of string hash computation and could lead to a hash collision attack...

CVSS 7.5 | AI score 7.5 | EPSS 0.00148
Exploits 0 | References 3

Veracode
added 2025/07/11 9:54 a.m. | 2 views

Hash Collision Attack

llamaindex is vulnerable to Hash Collision Attack. The vulnerability is due to the use of MD5 hashing for generating document chunk IDs, which allows an attacker to exploit hash collisions by creating structurally distinct chunks with identical text...

CVSS 6.5 | AI score 6.3 | EPSS 0.00301
Exploits 1 | References 4 | Affected Software 2

Veracode
added 2025/04/08 3:40 a.m. | 8 views

Hash Collision Attack

io.netty.incubator, netty-incubator-codec-quic is vulnerable to Hash Collision Attack. The vulnerability is due to a hash collision in the hash map used to manage connections, which allows remote attackers to perform a Hash DoS attack by initiating connections with colliding Source Connection IDs...

CVSS 5.3 | AI score 7.1 | EPSS 0.00393
Exploits 0 | References 5 | Affected Software 1

Veracode
added 2022/01/07 5:37 a.m. | 17 views

Denial Of Service (DoS)

org.typelevel, jawn-parser is vulnerable to denial of service. The vulnerability exists through org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade, which do not override objectContext; this leads to a hash collision attack and system crash...

CVSS 7.5 | AI score 2 | EPSS 0.00141
Exploits 1 | References 3 | Affected Software 1

NVD
added 2022/01/05 9:15 p.m. | 11 views

CVE-2022-21653

Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...

CVSS 7.5 | EPSS 0.00141
Exploits 1 | References 2

Prion
added 2022/01/05 9:15 p.m. | 7 views

Code injection

Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...

CVSS 5 | AI score 7.3 | EPSS 0.00141
Exploits 1 | References 2 | Affected Software 1

UbuntuCve
added 2022/01/05 9:15 p.m. | 17 views

CVE-2022-21653

Jawn is an open source JSON parser. Extenders of the org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade who don't override objectContext are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, b...

CVSS 7.5 | AI score 7.1 | EPSS 0.00141
Exploits 1 | References 3

CVE
added 2022/01/05 9:0 p.m. | 87 views

CVE-2022-21653

CVE-2022-21653 affects the jawn JSON parser. Extenders of org.typelevel.jawn.SimpleFacade and org.typelevel.jawn.MutableFacade that do not override objectContext() are vulnerable to a hash-collision DoS. The issue is fixed in jawn-parser-1.3.1; upgrading is advised. If upgrading isn’t possible, o...

CVSS 7.5 | AI score 6.3 | EPSS 0.00141
Exploits 1 | References 2 | Affected Software 1

OpenVAS
added 2021/06/09 12:0 a.m. | 25 views

SUSE: Security Advisory (SUSE-SU-2012:0772-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 5 | AI score 8.9 | EPSS 0.00973
Exploits 0 | References 2

NVD
added 2020/02/24 5:15 p.m. | 14 views

CVE-2012-0785

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."...

CVSS 7.8 | AI score 7.4 | EPSS 0.01868
Exploits 0 | References 5

UbuntuCve
added 2020/02/24 5:15 p.m. | 28 views

CVE-2012-0785

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."...

CVSS 7.8 | AI score 7.1 | EPSS 0.01868
Exploits 0 | References 3

Cvelist
added 2020/02/24 4:54 p.m. | 18 views

CVE-2012-0785

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."...

AI score 7.4 | EPSS 0.01868
Exploits 0 | References 5

Veracode
added 2019/01/15 8:52 a.m. | 16 views

Hash Collision Attack

The SBLIM CIM Client is susceptible to a hash collision attack. Since it uses HashMap to parse XML inputs, it allows the attacker to predict hashes and input a malicious CIM-XML message from a WBEM (Web-Based Enterprise Management) server, causing high CPU consumption...

CVSS 5 | AI score 6 | EPSS 0.0063
Exploits 0 | References 7 | Affected Software 1

Tenable Nessus
added 2014/06/13 12:0 a.m. | 71 views

openSUSE Security Update : ruby (openSUSE-2012-77)

ruby update to 1.8.7.p357 to fix hash collision attacks. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-77. The text description of this plugin is (C) SUSE LLC...

AI score 7
Exploits 0

Tenable Nessus
added 2014/06/13 12:0 a.m. | 42 views

openSUSE Security Update : tomcat6 (openSUSE-SU-2012:0103-1)

The apache tomcat was vulnerable to a hash collision attack which allowed remote attackers to mount DoS attacks. CVE-2011-4858 has been assigned to this issue. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

CVSS 5 | AI score 5.5 | EPSS 0.766
Exploits 5 | References 4

The Hacker News
added 2014/04/10 5:55 a.m. | 10 views

Securing Passwords with Bcrypt Hashing Function

Passwords are the first line of defense against cyber criminals. It is the most vital secret of every activity we do over the internet and also a final check to get into any of your user accounts, whether it is your bank account, email account, shopping cart account or any other account you have. ...

AI score 6.7
Exploits 0

Tenable Nessus
added 2013/01/25 12:0 a.m. | 28 views

SuSE 11.1 Security Update : expat (SAT Patch Number 6200)

This update of expat fixes the following bugs: - hash collision attack that could lead to excessive CPU usage. CVE-2012-0876 - expat didn't close file descriptors in some cases. CVE-2012-1147 - specially crafted xml files could lead to a memory leak CVE-2012-1148 (C) Tenable...

CVSS 5 | AI score 6.7 | EPSS 0.00973
Exploits 0 | References 10

ThreatPost
added 2012/06/06 7:32 p.m. | 17 views

Microsoft Details Flame Hash-Collision Attack

The details of the collision attack used by the Flame malware authors to create a forged code-signing certificate for Microsoft code are beginning to emerge, and the company said that the attackers used an MD5 hash collision specifically to ensure that their attack would work on machines running...

AI score 2.2
Exploits 0 | References 4