54 matches found
PT-2024-7724 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the netlink component of the Linux kernel, where the validation code reads past a malformed attribute due to a missing size in the minlen array for NLA BE32. Th...
CVE-2023-43715
Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "ENTRYFIRSTNAMEMINLENGTHTITLE1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...
GHSA-2RR3-RV49-P42F phpMyFAQ contains Weak Password Requirements
phpMyFAQ prior to version 3.1.8 has Weak Password Requirements. Version 3.1.8 introduces an eight-character minimum password length...
phpMyFAQ contains Weak Password Requirements
phpMyFAQ prior to version 3.1.8 has Weak Password Requirements. Version 3.1.8 introduces an eight-character minimum password length...
GHSA-V5RV-HPXG-8X49 Signature validation bypass in ServiceStack
ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature...
Signature validation bypass in ServiceStack
ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature...
How Does Your AD Password Policy Compare to NIST's Password Recommendations?
End-user passwords are one of the weakest components of your overall security protocols. Most users tend to reuse passwords across work and personal accounts. They may also choose relatively weak passwords that satisfy company password policies but can be easily guessed or brute-forced. Your user...
Buffer Error Vulnerability in Multiple Qualcomm Products
A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are manufactured from time to time on the surface of semiconductor wafers. A buffer error vulnerability exists in multiple Qualcomm products...
CVE-2020-28042
ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature...
CVE-2020-28042
ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature...
Code injection
ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature...
CVE-2020-28042
ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature...
DEBIAN-CVE-2015-8626
The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 generates passwords smaller than $wgMinimalPasswordLength, which makes it easier for remote attackers to obtain access via a brute-force attack...
Mandriva Security Advisory MDVSA-2009:318 (xmlsec1)
The remote host is missing an update to xmlsec1 announced via advisory MDVSA-2009:318. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...