3096 matches found
WordPress E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin 信息泄露漏洞
WordPress and WordPress plugin are products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress VikBooking Hotel...
CVE-2022-27863
Sensitive Information Exposure in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin = 1.5.3 on WordPress allows attackers to get the booking data by guessing / brute-forcing easy predictable booking IDs via search POST requests...
CVE-2022-27577
The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets could compromise servic...
CVE-2022-26851
Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss...
CVE-2022-26852
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise...
CVE-2022-26851
Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss...
CVE-2022-26852
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise...
Design/Logic Flaw
Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss...
Code injection
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise...
CVE-2022-26852
Technical details about CVE-2022-26852 are not publicly provided in the supplied connected documents. Dell PowerScale OneFS versions 8.2.x-9.3.x are mentioned in the initial description, but no additional exploit specifics, impact, or remediation are given here. Monitor for updates.
CVE-2022-26852
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise...
CVE-2022-26851
Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss...
CVE-2022-26851
Dell PowerScale OneFS (8.2.2–9.3.x) contains a vulnerability described as a predictable file name from observable state. An unprivileged, remote attacker could exploit it to cause data loss. Affected component/condition corresponds to the observable state of file naming; the exact root cause is d...
CVE-2021-26113
A use of a one-way hash with a predictable salt vulnerability CWE-760 in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored...
CVE-2021-26113
A use of a one-way hash with a predictable salt vulnerability CWE-760 in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored...
Default credentials
A use of a one-way hash with a predictable salt vulnerability CWE-760 in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored...
CVE-2021-26113
A use of a one-way hash with a predictable salt vulnerability CWE-760 in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored...
CVE-2021-26113
A use of a one-way hash with a predictable salt vulnerability CWE-760 in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored...
CVE-2021-26113
CVE-2021-26113 affects Fortinet FortiWAN prior to 4.5.9. The issue is a vulnerability in the password hashing process: a one‑way hash is used with a predictable salt (CWE-760). If an attacker has obtained the password file, they may be able to guess stored passwords. No exploitation details are p...
FortiWAN - Use of hardcoded salt for password hashing
A use of a one-way hash with a predictable salt vulnerability CWE-760 in FortiWAN may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored...