Security Bulletin: A vulnerability in GnuPG (gpg) affects PowerKVM
Summary: PowerKVM is affected by a vulnerability in GnuPG (gpg). IBM has now addressed this vulnerability. Vulnerability Details: CVEID: CVE-2016-6313 DESCRIPTION: GnuPG could provide weaker than expected security, caused by an error in the mixing functions when obtaining 4640 bits from the random...
CVE-2014-6412
WordPress before 4.4 makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach...
CVE-2018-1266
Cloud Foundry Cloud Controller, versions prior to 1.52.0, contains information disclosure and path traversal vulnerabilities. An authenticated malicious user can predict the location of application blobs and leverage path traversal to create a malicious application that has the ability to overwri...
Apache Wicket 'CryptoMapper' CSRF Vulnerability (Feb 2015)
Apache Wicket is prone to a cross-site request forgery (CSRF) vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Insecure Hash Algorithm
Cordova-Plugin-Device is using the insecure hash algorithm MD5. The use of the insecure hash algorithm for system device information allows an attacker to easily predict the value...
Insecure Random Number Generation
jRuby is vulnerable to insecure random number generation. The library does not use a pseudo-random salt when generating a hash, causing the hash generated to be easier to predict...
GLSA-201610-04 : libgcrypt: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201610-04 (libgcrypt: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in libgcrypt. Please review the CVE identifiers referenced below for details. Impact: Side-channel attacks can leak private key...
DSA-3649-1 gnupg - security update
Bulletin has no description...
WP-Predict 1.0 - Blind SQL Injection
The wp-predict WordPress plugin was affected by a Blind SQL Injection security vulnerability...
SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 7991 / 7992 / 7994)
The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to 3.0.82 and to fix various bugs and security issues. The following security issues have been fixed : - The chaseport function in drivers/usb/serial/ioti.c in the Linux kernel allowed local users to cause a denial of service NUL...
[Diviner] OWASP Zed Attack Proxy Extension
Diviner is a unique platform that attempts to predict the structure of the server-side memory, source code and processes, by executing scenarios aimed to fingerprint behaviors that derive from specific lines of code, processes or memory allocations, by employing the use of a variety of coverage...
WordPress WP Predict Plugin 1.0 - Blind SQL Injection
WP Predict plugin is prone to a Blind SQL injection. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Update the plugin...
WordPress WP-Predict 1.0 Blind SQL Injection
Exploit Title: WordPress WP-Predict v1.0 Blind SQL Injection Date: 7/9/12 Exploit Author: Chris Kellum Vendor Homepage: http://www.pootlepress.co.uk/ Software Link: http://downloads.wordpress.org/plugin/wp-predict.zip Version: 1.0 ===================== Vulnerability Details =====================...
WordPress Plugin WP-Predict 1.0 - Blind SQL Injection
WordPress Plugin WP-Predict 1.0 - Blind SQL Injection Exploit Title: WordPress WP-Predict v1.0 Blind SQL Injection Date: 7/9/12 Exploit Author: Chris Kellum Vendor Homepage: http://www.pootlepress.co.uk/ Software Link: http://downloads.wordpress.org/plugin/wp-predict.zip Version: 1.0...
WordPress Plugin WP-Predict 1.0 - Blind SQL Injection
Exploit Title: WordPress WP-Predict v1.0 Blind SQL Injection Date: 7/9/12 Exploit Author: Chris Kellum Vendor Homepage: http://www.pootlepress.co.uk/ Software Link: http://downloads.wordpress.org/plugin/wp-predict.zip Version: 1.0 ===================== Vulnerability Details =====================...
Wordpress Plugins - WP-Predict v1.0 Blind SQL Injection
Exploit for php platform in category web applications Exploit Title: WordPress WP-Predict v1.0 Blind SQL Injection Date: 7/9/12 Exploit Author: Chris Kellum Vendor Homepage: http://www.pootlepress.co.uk/ Software Link: http://downloads.wordpress.org/plugin/wp-predict.zip Version: 1.0...
Ruby Random Number Values Information Disclosure Vulnerability
This host is installed with Ruby and is prone to an information disclosure vulnerability. OpenVAS Vulnerability Test $Id: secpodrubyrandomnumbervaluesinfodiscvuln.nasl 8196 2017-12-20 12:13:37Z cfischer $ Ruby Random Number Values Information Disclosure Vulnerability Authors: Sooraj KS Copyright:...
Ruby Random Number Values Information Disclosure Vulnerability (Jul 2011)
Ruby is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ruby-lang:ruby";...
Ruby Random Number Generation Local DoS Vulnerability (Jul 2011)
Ruby is prone to a local denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ruby-lang:ruby";...