148 matches found
CVE-2023-3202
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstoreupdatefirebaseserverkey function. This makes it possible for unauthenticated attackers to update the firebase server key to push notification when order status changed via ...
openssl: RFC7250 handshakes with unauthenticated servers don't abort as expected
A flaw was found in OpenSSL's RFC7250 Raw Public Key RPK authentication. This vulnerability allows man-in-the-middle MITM attacks via failure to abort TLS/DTLS handshakes when the server's RPK does not match the expected key despite the SSLVERIFYPEER verification mode being set...
PT-2024-37525 · Conduit · Conduit
Name of the Vulnerable Software and Affected Versions: Conduit versions prior to 0.7.0 Description: The issue concerns missing authorization in the Client-Server API, allowing for unauthorized removal and addition of aliases to different rooms. This can be exploited for privilege escalation by...
CVE-2023-3202
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstoreupdatefirebaseserverkey function. This makes it possible for unauthenticated attackers to update the firebase server key to push notification when order status changed via ...
Cross site request forgery (csrf)
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstoreupdatefirebaseserverkey function. This makes it possible for unauthenticated attackers to update the firebase server key to push notification when order status changed via ...
CVE-2023-3202 MStore API <= 3.9.6 - Cross-Site Request Forgery to Firebase Server Key Update
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstoreupdatefirebaseserverkey function. This makes it possible for unauthenticated attackers to update the firebase server key to push notification when order status changed via ...
CVE-2023-3202
CVE-2023-3202: The MStore API WordPress plugin is vulnerable to CSRF due to missing nonce validation on mstore_update_firebase_server_key, enabling unauthenticated attackers to alter the Firebase server key and push notifications when an order status changes via forged requests. Impact is limited...
CVE-2023-33842
IBM SPSS Modeler on Windows 17.0, 18.0, 18.2.2, 18.3, 18.4, and 18.5 requires the end user to have access to the server SSL key which could allow a local user to decrypt and obtain sensitive information. IBM X-Force ID: 256117...
MStore API < 3.9.7 - Multiple CSRF
The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks, such as Order Status Update, Order Title Update, Product Limit Update, Order Message Update, and Firebase Server Key Update...
AZL-26807 CVE-2023-28319 affecting package mysql for versions less than 8.0.34-1
A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the now freed hash. This flaw...
PT-2023-3440 · Curl +4 · Curl +4
Name of the Vulnerable Software and Affected Versions: curl versions prior to 8.1.0 Description: A use after free issue exists in the way libcurl verifies an SSH server's public key using a SHA 256 hash. When this check fails, libcurl frees the memory for the fingerprint before returning an error...
K43404629: F5 SSH server key size vulnerability CVE-2020-5917
Security Advisory Description The BIG-IP and BIG-IQ host OpenSSH servers use keys less than 2048 bits that are no longer considered secure. CVE-2020-5917 Impact The BIG-IP system may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications. Some security scanners, such as the...
SUSE CVE-2008-1672
OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service crash via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites," which triggers a NULL pointer dereference...
SUSE CVE-2015-3196
ssl/s3clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service race condition and double free via a crafted...
SUSE CVE-2015-7575
Mozilla Network Security Services NSS before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof...
SUSE CVE-2017-1000385
The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS 1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's private key this is a variation of the Bleichenbacher attack...
SUSE CVE-2018-9988
ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in sslparseserverkeyexchange that could cause a crash on invalid input...
SUSE CVE-2022-1671
A NULL pointer dereference flaw was found in rxrpcpreparses in net/rxrpc/serverkey.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information...
A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.
...
CVE-2022-1671
A NULL pointer dereference flaw was found in rxrpcpreparses in net/rxrpc/serverkey.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information...