EUVD-2019-2500

Malware in sbrugna...

PT-2023-9619 · Python · Python

Name of the Vulnerable Software and Affected Versions: Python versions prior to 3.9.1 Python cpython version 3.7 Python CPython 3.12.0b1 Description: An issue in the asyncio. swap current task component of Python allows an attacker to obtain sensitive information. The vulnerability is related to...

PT-2022-7023 · Python +6 · Python +6

Name of the Vulnerable Software and Affected Versions: Python versions through 3.9.1 Python version 3.12.0b1 Description: The issue is related to the hmac.compare digest function in the Lib/hmac.py module, where constant-time-defeating optimisations were possible in the accumulator variable. This...

CVE-2019-10706

Western Digital SanDisk SanDisk X300, X300s, X400, and X600 devices: The firmware update authentication method relies on a symmetric HMAC digest. The key used to validate this digest is present in a protected area of the device, and if extracted could be used to install arbitrary firmware to othe...

CVE-2019-10706

Western Digital SanDisk SanDisk X300, X300s, X400, and X600 devices: The firmware update authentication method relies on a symmetric HMAC digest. The key used to validate this digest is present in a protected area of the device, and if extracted could be used to install arbitrary firmware to othe...

GLSA-200912-02 : Ruby on Rails: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200912-02 Ruby on Rails: Multiple vulnerabilities The following vulnerabilities were discovered: sameer reported that lib/actioncontroller/cgiprocess.rb removes the :cookieonly attribute from the default session options...

InGate Firewall和SIParator多个安全漏洞

BUGTRAQ ID: 34309 Ingate Firewall和SIParator都是企业级的硬件防火墙设备。 Ingate Firewall和SIParator中存在多个安全漏洞，恶意用户可以利用这些漏洞执行欺骗攻击、绕过某些安全限制或导致拒绝服务。 1 如果将IPsec隧道将远程网络设置为允许“Remote/private address”配置单元，就可能允许任意用户配置单元。 2 IDS/IPS实现中的错误可能允许SIP报文绕过欺骗和IPsec检查。 3 验证DSA和ECDSA密钥签名中的错误可能导致伪造服务器证书。 4 验证HMAC...