8811 matches found
CVE-2018-19983
An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. An attacker first prepares a Z-Wave frame-transmission program e.g., Z-Wave PC Controller, OpenZWave, CC1110, etc.. Next, the attacker conducts a DoS attack against the Z-Wave S0 Security version product by continuously sending...
CVE-2018-19983
CVE-2018-19983 affects Sigma Design Z-Wave devices (S0 through S2). An attacker can perform a DoS by repeatedly sending divided Nonce Get frames (0x98 0x81). In S0, upon receiving a Nonce Get, the node generates and sends a new nonce, then waits; if another Nonce Get arrives, the previous nonce i...
CVE-2018-19983
An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. An attacker first prepares a Z-Wave frame-transmission program e.g., Z-Wave PC Controller, OpenZWave, CC1110, etc.. Next, the attacker conducts a DoS attack against the Z-Wave S0 Security version product by continuously sending...
httpd: Weak Digest auth nonce generation in mod_auth_digest
In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed...
Yi Technology Home Camera 27US nonce reuse authentication bypass vulnerability
Summary An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a logic flaw, resulting in an authentication bypass. An attacker can sniff network traffic and send a set of packets to...
Replay Attack
auth0 is vulnerable to replay attacks. The authentication renew request does not include a nonce, which would allow an attacker to replay an old renewAuth request to obtain a valid session...
SUSE-SU-2018:1161-2 Security update for apache2
This update for apache2 fixes the following issues: CVE-2018-1283: when modsession is configured to forward its session data to CGI applications SessionEnv on, not the default, a remote user may influence their content by using a 'Session' header leading to unexpected behavior bsc1086814...
CVE-2018-16242
oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy BLE to replay ciphertext based on a predictable nonce used in the locking protocol...
Design/Logic Flaw
oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy BLE to replay ciphertext based on a predictable nonce used in the locking protocol...
CVE-2018-16242
The CVE-2018-16242 entry describes oBike’s use of Hangzhou Luoping Smart Locker, where an attacker can bypass the locking mechanism by replaying ciphertext in a BLE-based protocol that uses a predictable nonce. Affected component is the bicycle lock system's BLE lock protocol; the underlying issu...
CVE-2018-16242
oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy BLE to replay ciphertext based on a predictable nonce used in the locking protocol...
oBike Electronic Lock Bypass
CVE-2018-16242 - oBike Electronic Lock Bypass Product: oBike bicycle-sharing service Vendor: oBike Inc. CVE ID: CVE-2018-16242 Subject: Access control bypass by replay attack on predictable nonce Effect: Unauthorized unlocking of bikes, cirumventing the ride-fees Author: Antoine Neuenschwander...
DuckDuckGo: XSS in Subdomain of DuckDuckGo
A cross-site scripting vulnerability was discovered in a subdomain of DuckDuckGo. The subdomain had a Content Security Policy header intended to prevent script execution, but this could be bypassed in Internet Explorer. As a result, malicious scripts could be injected and executed in the...
About the security content of Wi-Fi Update for Boot Camp 6.4.0
About the security content of Wi-Fi Update for Boot Camp 6.4.0 This document describes the security content of Wi-Fi Update for Boot Camp 6.4.0. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has...
WordPress Core 4.9.6 - (Authenticated) Arbitrary File Deletion
WordPress Core 4.9.6 - Authenticated Arbitrary File Deletion Exploit Title: Wordpress = 4.9.6 Arbitrary File Deletion Vulnerability Date: 2018-06-27 Exploit Author: VulnSpy Vendor Homepage: http://www.wordpress.org Software Link: http://www.wordpress.org/download Version: = 4.9.6 Tested on: php7...
WordPress Plugin Google Map 4.0.4 - SQL Injection
WordPress Plugin Google Map 4.0.4 - SQL Injection Title: WordPress Google Map Plugin getresults Vulnerable Variable: $GET'order' Vulnerable URL: http://vulnerablesite.com/wp-admin/admin.php?page=wpgmpmanagelocation&orderby=locationaddress&order=asc PROCEDURE...
PYSEC-2018-150
Hyperledger Iroha versions v1.0beta and v1.0.0beta-1 are vulnerable to transaction and block signature verification bypass in the transaction and block validator allowing a single node to sign a transaction and/or block multiple times, each with a random nonce, and have other validating nodes...
CVE-2018-3756
Hyperledger Iroha versions v1.0beta and v1.0.0beta-1 are vulnerable to transaction and block signature verification bypass in the transaction and block validator allowing a single node to sign a transaction and/or block multiple times, each with a random nonce, and have other validating nodes...
CVE-2018-11632
An issue was discovered in the MULTIDOTS Add Social Share Messenger Buttons Whatsapp and Viber plugin 1.0.8 for WordPress. If an admin user can be tricked into visiting a crafted URL created by an attacker via spear phishing/social engineering, the attacker can change the plugin settings via...
CVE-2018-11580
An issue was discovered in mass-pages-posts-creator.php in the MULTIDOTS Mass Pages/Posts Creator plugin 1.2.2 for WordPress. Any logged in user can launch Mass Pages/Posts creation with custom content. There is no nonce or user capability check, so anyone can launch a DoS attack against a site a...