CVE-2023-26451

Functions with insufficient randomness were used to generate authorization tokens of the integrated oAuth Authorization Service. Authorization codes were predictable for third parties and could be used to intercept and take over the client authorization process. As a result, other users accounts...

Authorization

Functions with insufficient randomness were used to generate authorization tokens of the integrated oAuth Authorization Service. Authorization codes were predictable for third parties and could be used to intercept and take over the client authorization process. As a result, other users accounts...

PT-2021-6020 · Libgcrypt +9 · Libgcrypt +9

Name of the Vulnerable Software and Affected Versions: Libgcrypt versions prior to 1.9.4 Description: The issue is related to the use of a weak cryptographic algorithm in the Libgcrypt library. It affects the ElGamal implementation, allowing plaintext recovery due to a dangerous combination of th...

[SECURITY] [DLA 1867-1] wpa security update

Package : wpa Version : 2.3-1+deb8u8 CVE ID : CVE-2019-9495 CVE-2019-9497 CVE-2019-9498 CVE-2019-9499 CVE-2019-11555 Debian Bug : 927463 Several vulnerabilities were discovered in WPA supplicant / hostapd. Some of them could only partially be mitigated, please read below for details. CVE-2019-949...

CVE-2019-3557

The implementations of streams for bz2 and php://output improperly implemented their readImpl functions, returning -1 consistently. This behavior caused some stream functions, such as streamgetline, to trigger an out-of-bounds read when operating on such malformed streams. The implementations wer...