14 matches found
EUVD-2017-5926
Malware in sbrugna...
EUVD-2023-43923
Malicious code in bioql PyPI...
BIT-LIBPHP-2023-3247 Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP
In PHP versions 8.0. before 8.0.29, 8.1. before 8.1.20, 8.2. before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure ...
SUSE CVE-2023-3247
In PHP versions 8.0. before 8.0.29, 8.1. before 8.1.20, 8.2. before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure ...
AZL-27435 CVE-2023-3247 affecting package php for versions less than 8.1.22-1
In PHP versions 8.0. before 8.0.29, 8.1. before 8.1.20, 8.2. before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure ...
PHP 8.1.x < 8.1.20
The version of PHP installed on the remote host is prior to 8.1.20. It is, therefore, affected by a vulnerability as referenced in the Version 8.1.20 advisory. - In PHP versions 8.0. before 8.0.29, 8.1. before 8.1.20, 8.2. before 8.2.7 when using SOAP HTTP Digest Authentication, random value...
PHP 8.0.x < 8.0.29
The version of PHP installed on the remote host is prior to 8.0.29. It is, therefore, affected by a vulnerability as referenced in the Version 8.0.29 advisory. - In PHP versions 8.0. before 8.0.29, 8.1. before 8.1.20, 8.2. before 8.2.7 when using SOAP HTTP Digest Authentication, random value...
SUSE CVE-2013-4347
The 1 makenonce, 2 generatenonce, and 3 generateverifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack...
CVE-2017-14423
htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 devices does not prevent unauthenticated nonce-guessing attacks, which makes it easier for remote attackers to change the DNS configuration via a series of requests...
Code injection
htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 devices does not prevent unauthenticated nonce-guessing attacks, which makes it easier for remote attackers to change the DNS configuration via a series of requests...
CVE-2017-14423
htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 devices does not prevent unauthenticated nonce-guessing attacks, which makes it easier for remote attackers to change the DNS configuration via a series of requests...
CVE-2017-14423
htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 devices does not prevent unauthenticated nonce-guessing attacks, which makes it easier for remote attackers to change the DNS configuration via a series of requests...
PT-2017-13467 · D Link · D-Link Dir-850L
Name of the Vulnerable Software and Affected Versions: D-Link DIR-850L REV. A versions through FW114WWb07 h2ab beta1 Description: The issue allows remote attackers to change the DNS configuration via a series of requests, due to the failure to prevent unauthenticated nonce-guessing attacks in the...
Amazon Linux: Security Advisory (ALAS-2014-425)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...