CVE-2023-48053

Archery v1.10.0 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

PYSEC-2023-245

PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

Archery Security Vulnerabilities

Archery is an open source set of vulnerability assessment and management tools. A security vulnerability exists in Archery version v1.10.0 that stems from the use of non-random or static IVs for Cipher Block Linking CBC mode in AES encryption, which could lead to information and communication...

PT-2023-30686 · Unknown · Pypinksign

Name of the Vulnerable Software and Affected Versions: PyPinkSign version 0.5.1 Description: The issue concerns the use of a non-random or static Initialization Vector IV in Cipher Block Chaining CBC mode for Advanced Encryption Standard AES encryption. This can potentially lead to the disclosure...

PyPinkSign Security Vulnerability

PyPinkSign is a Python library for NPKI certificates from the individual developer Jung Sang-jun! A security vulnerability exists in PyPinkSign version v0.5.1, which stems from the use of non-random or static IVs for cipher block linking CBC mode in AES encryption, which could lead to information...

CVE-2023-30954

The Gotham video-application-server service contained a race condition which would cause it to not apply certain acls new videos if the source system had not yet initialized...

CVE-2023-30954

The Gotham video-application-server service contained a race condition which would cause it to not apply certain acls new videos if the source system had not yet initialized...

Race condition

The Gotham video-application-server service contained a race condition which would cause it to not apply certain acls new videos if the source system had not yet initialized...

CVE-2023-30954 Gotham Video Broken Authentication

The Gotham video-application-server service contained a race condition which would cause it to not apply certain acls new videos if the source system had not yet initialized...

CVE-2023-30954

The CVE describes a race condition in the Gotham video-application-server where ACLs for new videos may not be applied if the source system has not initialized. Affected component: Gotham video-application-server; underlying issue is a race condition affecting access control application during vi...

Adobe Audition MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Audition. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

Adobe Media Encoder MP4 File Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Media Encoder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Adobe Audition MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Audition. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

Adobe Bridge MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

Eclipse OpenJ9 Competition Condition Issue Vulnerability

Eclipse OpenJ9 is a Java application engine from the Eclipse Foundation. It is primarily used to run Java applications. A security vulnerability exists in Eclipse OpenJ9 versions prior to 0.41.0, which stems from the fact that if a shutdown signal is received before the JVM completes...

PT-2023-32256 · Eclipse +4 · Eclipse Openj9 +4

Name of the Vulnerable Software and Affected Versions: Eclipse OpenJ9 versions prior to 0.41.0 Description: The issue is related to a denial of service caused by a flaw when a shutdown signal SIGTERM, SIGINT or SIGHUP is received before the JVM has finished initializing. This can lead to an...

Adobe After Effects MP4 File Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Bridge MP4 File Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

Adobe Premiere Pro MP4 File Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Premiere Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...