Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/03/24 11:23 a.m.3 views

CVE-2026-33306

A flaw was found in bcrypt-ruby, a Ruby binding for the OpenBSD bcrypt password hashing algorithm, specifically in its JRuby implementation. When the cost parameter is set to 31, an integer overflow occurs, causing the key-strengthening loop to execute zero iterations. This significantly weakens...

7.4CVSS5.9AI score0.00228EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/03/24 12:8 a.m.25 views

CVE-2026-33306 bcrypt-ruby has an Integer Overflow that Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby

bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. T...

7.4CVSS0.00228EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2024/10/04 9:53 a.m.12 views

How to Get Going with CTEM When You Don't Know Where to Start

Continuous Threat Exposure Management CTEM is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of...

7.2AI score
Exploits0
CISA
CISA
added 2022/06/22 12:0 a.m.13 views

Keeping PowerShell: Measures to Use and Embrace

Cybersecurity authorities from the United States, New Zealand, and the United Kingdom have released a joint Cybersecurity Information Sheet CIS on PowerShell. The CIS provides recommendations for proper configuration and monitoring of PowerShell, as opposed to removing or disabling it entirely du...

1.4AI score
Exploits0References1
The Coalfire Blog
The Coalfire Blog
added 2020/04/24 8:4 p.m.16 views

How to strengthen your cybersecurity program

The first step toward becoming physically fit is looking in the mirror, acknowledging your weaknesses, and making a commitment that youll do whatever it takes to improve yourself. This is true for personal fitness, but can this approach also apply to the cybersecurity program at your growing...

6.9AI score
Exploits0
ArchLinux
ArchLinux
added 2015/03/17 12:0 a.m.102 views

ecryptfs-utils: hard-coded passphrase salt

eCryptfs uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack. By default, the wrapping key is hashed with the default fixed salt 0x0011223344556677. This update introduces the version 2 wrapped-passphrase file...

5CVSS8AI score0.0218EPSS
Exploits1References4
myhack58
myhack58
added 2013/05/27 12:0 a.m.19 views

International Airlines any user is bound to any phone,any reset a user's password-vulnerability warning-the black bar safety net

In my information point to modify the phone to send the verification code to set up burpsuite cut package Phone=1 5 0&userName=admin Modify your mobile phone number and want to reset the password of the username there is a very magical thing to modify is successful will directly jump to you to...

0.5AI score
Exploits0
myhack58
myhack58
added 2012/05/24 12:0 a.m.26 views

PHP Address Book 7.0.0 plurality of defect and repair-vulnerability warning-the black bar safety net

Title: PHP Address Book 7.0.0 Multiple security vulnerabilities Author: Stefan Schurtz Affected Software: Successfully tested on PHP Address Book 7.0.0 Developer website: http://sourceforge.net/projects/php-addressbook/ Defect description PHP Address Book 7.0.0 containing multiple XSS and SQLi...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2011/04/16 6:50 p.m.9 views

Lahore University, Shail Vac Engineers, Strengthening Democracy - SQLi Vulnerable found by Lionaneesh

Lahore University,Shail Vac Engineers,Strengthening Democracy - SQLi Vulnerable found by Lionaneesh Lahore University of Management SciencesLUMS : Site : https://econ.lums.edu.pk Vulnerable URL : Shail Vac Engineers website Site : Target : Strengthening Democracy through Parliamentary Development...

7AI score
Exploits0
myhack58
myhack58
added 2006/06/05 12:0 a.m.38 views

MD5 strengthen the authentication challenge Wang xiaoyun cracked-vulnerability warning-the black bar safety net

Dreaming think a strengthening of the md5 authentication method to Wake up a hurry to test it Earth people know that MD5 is the king of a small cloud break!!! Broken!!! Broken!!! Broken!!! Breaking theto shut up In fact,not broken but with their algorithm, in the number of hours it is possible to...

7AI score
Exploits0
Rows per page
Query Builder