6 matches found
MiracleLinux 8 : 389-ds:1.4 (AXSA:2021-2352:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2352:01 advisory. 389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed CVE-2021-3652 Tenable has extracted the preceding description block directl...
CVE-2025-3530
The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to product price manipulation in all versions up to, and including, 5.1.2. This is due to a logic flaw involving the inconsistent use of parameters during the cart addition process. The plugin uses the parameter 'producttmptwo'...
The vulnerability of Backup Exec’s software for backup and data restoration lies in its lack of authentication procedures. This allows attackers to bypass security restrictions and execute arbitrary commands.
The vulnerability of Backup Exec’s backup and recovery software is related to deficiencies in authentication procedures when using the SHA cryptographic algorithm. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute arbitrary commands...
Cyrus IMAP 加密问题漏洞
Cyrus IMAP is an open source mail server for the IMAP Interactive Mail Access Protocol protocol based on Unix and Linux operating systems. A cryptographic issue vulnerability exists in Cyrus IMAP that stems from the product's internal hash table not using a valid string encryption algorithm...
python: DoS via inefficiency in IPv{4,6}Interface classes
A vulnerability was found in the way the ipaddress python module computes hash values in the IPv4Interface and IPv6Interface classes. This flaw allows an attacker to create many dictionary entries, due to the performance of a dictionary containing the IPv4Interface or IPv6Interface objects,...
Design/Logic Flaw
The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service CPU consumption via crafted JSON data, involving collisions...