BIT-VAULT-2023-2197 Vault Enterprise Vulnerable to Padding Oracle Attacks When Using a CBC-based Encryption Mechanism with a HSM

HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when using an HSM in conjunction with the CKMAESCBCPAD or CKMAESCBC encryption mechanisms. An attacker with privileges to modify storage and restart Vault may be able to intercept or modify cipher text in orde...

BIT-MARIADB-2020-28912

With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between...

Testimonial Slider < 2.3.7 - Author+ Settings Update

Description The plugin does not properly ensure that a user has the necessary capabilities to edit certain sensitive plugin settings, making it possible for users with at least the Author role to edit them. 1 Go to a page where one of the sliders is already in use and intercept the nonce tss 2...

PT-2024-13384 · Xen +2 · Xen +2

Name of the Vulnerable Software and Affected Versions: Xen affected versions not specified Description: The issue is related to the interaction between the Control-flow Enforcement Technology CET and the Xen emulation. CET is a hardware feature designed to protect against Return Oriented...

New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers

Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password. Th...

The vulnerability of the PEAP (Protected Extensible Authentication Protocol) client implementation of the Wi-Fi Protected Access Point software WPA Supplicant allows a hacker to intercept the unencrypted user traffic.

The vulnerability of the PEAP Protected Extensible Authentication Protocol client Wi-Fi access control implementation, such as WPA Supplicant, arises due to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to intercept unencrypted user traffic by...

K000138641: cURL vulnerability CVE-2023-46219

Security Advisory Description When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use. CVE-2023-46219 Impact An attacker with a network position that allows the...

CVE-2023-4537

Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification. This issue affects ERP XL: from 2020.2.2 through 2023.2...

CVE-2023-4537

Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification. This issue affects ERP XL: from 2020.2.2 through 2023.2...

Design/Logic Flaw

Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification. This issue affects ERP XL: from 2020.2.2 through 2023.2...

CVE-2023-4537 Protocol Downgrade in Comarch ERP XL

Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification. This issue affects ERP XL: from 2020.2.2 through 2023.2...

CVE-2023-4537

CVE-2023-4537 affects Comarch ERP XL client (ERP XL: 2020.2.2–2023.2). The issue is a server‑side MS SQL protocol downgrade that can lead to unencrypted communication vulnerable to data interception and modification. The available documents confirm the affected software and the root cause (downgr...

CVE-2023-4537 Protocol Downgrade in Comarch ERP XL

Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification. This issue affects ERP XL: from 2020.2.2 through 2023.2...

Comarch ERP XL Security Vulnerability

Comarch ERP XL is an enterprise resource planning ERP software from Comarch Poland. A security vulnerability exists in Comarch ERP XL versions 2020.2.2 through 2023.2, which stems from susceptibility to server-side MS SQL protocol downgrade requests and may result in unencrypted communications th...

CVE-2024-25642

Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the...

CVE-2024-25642

Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the...

Input validation

Due to improper validation of certificate in SAP Cloud Connector - version 2.0, attacker can impersonate the genuine servers to interact with SCC breaking the mutual authentication. Hence, the attacker can intercept the request to view/modify sensitive information. There is no impact on the...

SAP Cloud Connector 信任管理问题漏洞

SAP Cloud Connector is a tool from SAP Germany for establishing a secure connection between local systems and SAP Cloud Platform. A trust management issue vulnerability exists in SAP Cloud Connector version 2.0, which stems from incorrect certificate validation, and can be exploited by an attacke...

google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization

PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized...

Account Spoofing

phpMyFAQ is vulnerable to User Account Spoofing. The vulnerability is due to the user removal page lacking backend validation, allowing an attacker to manipulate form details by intercepting the request via a proxy, which can allow an attacker to trick an admin into removing the account...