CVE-2024-57854

Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator. Version v0.003 switched to use Data::Rand::Obscure instead of Crypt::Random for generation of a random initialisation vectors. Data::Rand::Obscure uses Perl's built-in rand function, which is not suitable fo...

EUVD-2024-55467

Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator. Version v0.003 switched to use Data::Rand::Obscure instead of Crypt::Random for generation of a random initialisation vectors. Data::Rand::Obscure uses Perl's built-in rand function, which is not suitable fo...

CVE-2024-57854

Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator. Version v0.003 switched to use Data::Rand::Obscure instead of Crypt::Random for generation of a random initialisation vectors. Data::Rand::Obscure uses Perl's built-in rand function, which is not suitable fo...

CVE-2024-57854 Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator

Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator. Version v0.003 switched to use Data::Rand::Obscure instead of Crypt::Random for generation of a random initialisation vectors. Data::Rand::Obscure uses Perl's built-in rand function, which is not suitable fo...

CVE-2024-57854

CVE-2024-57854 affects Net::NSCA::Client (Perl) up to version 0.009002. The issue comes from using a non-cryptographically secure random number generator for IVs: v0.003 migrated to Data::Rand::Obscure, which relies on Perl’s rand() and is not suitable for cryptographic purposes. The connected de...

CVE-2024-57854 Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator

Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator. Version v0.003 switched to use Data::Rand::Obscure instead of Crypt::Random for generation of a random initialisation vectors. Data::Rand::Obscure uses Perl's built-in rand function, which is not suitable fo...

PT-2026-23125

Name of the Vulnerable Software and Affected Versions Net::NSCA::Client versions through 0.009002 Description Net::NSCA::Client for Perl utilizes an inadequate random number generator. Version 0.003 transitioned to using Data::Rand::Obscure instead of Crypt::Random for generating initialization...

OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection

A new malware campaign has been observed leveraging social engineering tactics to deliver an open-source rootkit called r77. The activity, condemned OBSCUREBAT by Securonix, enables threat actors to establish persistence and evade detection on compromised systems. It's currently not known who is...

CVE-2024-10460

The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...

The vulnerability of the ObscureKeystrokeTiming() function in the SSH client of the OpenSSH cryptographic security tool allows a intruder to gain unauthorized access to protected information.

The vulnerability of the ObscureKeystrokeTiming function in the SSH client of the OpenSSH cryptographic security tool is related to synchronization errors when using a shared resource “Race Conditions”. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized...

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: Firefox: 115.14/128.1 ESR mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory access in graphics shar...

CVE-2024-7523

A select option could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This issue only affects Android versions of Firefox. This vulnerability affects Firefox 129...

CVE-2024-7529

The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox 129, Firefox ESR 115.14, Firefox ESR 128.1, Thunderbird 128.1, and Thunderbird 115.14...

USN-6887-1 openssh vulnerability

Philippos Giavridis, Jacky Wei En Kung, Daniel Hugenroth, and Alastair Beresford discovered that the OpenSSH ObscureKeystrokeTiming feature did not work as expected. A remote attacker could possibly use this issue to determine timing information about keystrokes...

CVE-2024-4766

Different techniques existed to obscure the fullscreen notification in Firefox for Android. These could have led to potential user confusion and spoofing attacks. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox 126...

obscure-abhorrence.de Cross Site Scripting vulnerability OBB-3891294

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

obscure-abhorrence.de Cross Site Scripting vulnerability OBB-3871024

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Mozilla: Full screen notification obscured by file open dialog

The Mozilla Foundation Security Advisory describes this flaw as: A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks...

obscure-abhorrence.de Cross Site Scripting vulnerability OBB-3414294

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2023-32212

An attacker could have positioned a datalist element to obscure the address bar. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...