19 matches found
EUVD-2014-0038
Malware in sbrugna...
SUSE CVE-2013-4347
The 1 makenonce, 2 generatenonce, and 3 generateverifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack...
SimpleGeo python-oauth2 does not check the nonce allowing replay attacks
The Server.verifyrequest function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL. The vulnerability does not appear to be patched according to the following discussion...
GHSA-4433-4CXQ-VV73 SimpleGeo python-oauth2 does not check the nonce allowing replay attacks
The Server.verifyrequest function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL. The vulnerability does not appear to be patched according to the following discussion...
GHSA-RV8H-P43R-4X5R SimpleGeo python-oauth2 vulnerable to the use of Insufficiently Random Values to generate nonces
The 1 makenonce, 2 generatenonce, and 3 generateverifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack...
SimpleGeo python-oauth2 vulnerable to the use of Insufficiently Random Values to generate nonces
The 1 makenonce, 2 generatenonce, and 3 generateverifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack...
CVE-2013-4346
The Server.verifyrequest function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL...
CVE-2013-4347
The 1 makenonce, 2 generatenonce, and 3 generateverifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack...
PYSEC-2014-86
The 1 makenonce, 2 generatenonce, and 3 generateverifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack...
Design/Logic Flaw
The Server.verifyrequest function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL...
PYSEC-2014-86
The 1 makenonce, 2 generatenonce, and 3 generateverifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack...
CVE-2013-4346
The Server.verifyrequest function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL...
CVE-2013-4347
The 1 makenonce, 2 generatenonce, and 3 generateverifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack...
PYSEC-2014-85
The Server.verifyrequest function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL...
PYSEC-2014-85
The Server.verifyrequest function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL...
Code injection
The 1 makenonce, 2 generatenonce, and 3 generateverifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack...
CVE-2013-4346
The Server.verifyrequest function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL...
CVE-2013-4346
CVE-2013-4346 affects python-oauth2 used by SimpleGeo; it stems from Server.verify_request not checking the nonce, enabling replay through a signed URL. Public references (GHSA entry) confirm the nonce verification flaw and potential replay risk. Connected advisories (RHSA entries for Red Hat Sat...
CVE-2013-4347
The 1 makenonce, 2 generatenonce, and 3 generateverifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack...