28 matches found
CVE-2025-57784
Tomahawk auth timing attack due to usage of strcmp has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client...
CVE-2025-57784 Tomahawk authentication timing attack due to usage of 'strcmp'
Tomahawk auth timing attack due to usage of strcmp has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client...
Hiawatha security vulnerabilities
Hiawatha is a security web server developed by Hugo Leisink for Unix systems. This product can prevent attacks such as XSS, SQL injection, and CSRF, and it also offers server monitoring capabilities. Version 11.7 of Hiawatha contains a security vulnerability caused by the use of strcmp, which may...
MiracleLinux 8 : idm:client (AXSA:2024-8409:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8409:01 advisory. JWCrypto: denial of service via specifically crafted JWE CVE-2023-6681 python-jwcrypto: malicious JWE token can cause denial of service CVE-2024-281...
MiracleLinux 8 : idm:client (AXSA:2021-2292:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2292:01 advisory. jquery: Passing HTML containing elements to manipulation methods could result in untrusted code execution CVE-2020-11023 Tenable has extracted the preceding...
CVE-2026-22697
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, CryptoLib’s KMC crypto service integration is...
CVE-2026-22026 CryptoLib Unbounded Memory Allocation in KMC HTTP Response Handler Allows Resource Exhaustion
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, the libcurl write_callback function in the KMC...
CVE-2026-22026
CVE-2026-22026 affects CryptoLib prior to 1.4.3. The vulnerability is in the libcurl write_callback used by the KMC crypto service client, where HTTP response buffers can be reallocated without size checks, allowing a malicious KMC server to send arbitrarily large responses and cause unbounded me...
CVE-2025-1126
A Reliance on Untrusted Inputs in a Security Decision vulnerability has been identified in the Lexmark Print Management Client...
RHSA-2025:17645 Red Hat Security Advisory: idm:client security update
Bulletin has no description...
EUVD-2025-2016
Malicious code in bioql PyPI...
CVE-2025-10542
iMonitor EAM 9.6394 ships with default administrative credentials that are also displayed within the management client’s connection dialog. If the administrator does not change these defaults, a remote attacker can authenticate to the EAM server and gain full control over monitored agents and dat...
MAL-2025-3819 Malicious code in auth0-guardian-management-client (npm)
Source: ghsa-malware 4489a903f859c5e165cf70220daabaaad24a21cdb1705bd94dfddab893954e72 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-1126 Lexmark has identified a vulnerability in our Lexmark Print Management Client (LPMC).
A Reliance on Untrusted Inputs in a Security Decision vulnerability has been identified in the Lexmark Print Management Client...
CVE-2025-1126
CVE-2025-1126 relates to Lexmark Print Management Client and is described as a vulnerability due to reliance on untrusted inputs in a security decision. The primary sources (NVD/NSSI) indicate a CVSS v3.1 base score of 9.3 (CRITICAL) with LOCAL attack vector, LOW attack complexity, and NONE privi...
PT-2024-26877 · Keyfactor · Keyfactor Ejbca
Name of the Vulnerable Software and Affected Versions: KeyFactor EJBCA versions prior to 8.3.1 Description: The issue concerns the CMP CLI client in KeyFactor EJBCA, which has a hardcoded salt that is only 6 octets long. This is not compliant with the security requirements of RFC 4211, which...