Fedora: Security Advisory for golang-github-gobwas-ws (FEDORA-2022-ea8f4e232d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-30273

The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption mode, traffic is encrypted via the Tiny Encryption Algorithm TEA block-cipher in ECB mode. This mode of operation does n...

CVE-2022-30273

The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption mode, traffic is encrypted via the Tiny Encryption Algorithm TEA block-cipher in ECB mode. This mode of operation does n...

CVE-2022-30273

The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption mode, traffic is encrypted via the Tiny Encryption Algorithm TEA block-cipher in ECB mode. This mode of operation does n...

Code injection

The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption mode, traffic is encrypted via the Tiny Encryption Algorithm TEA block-cipher in ECB mode. This mode of operation does n...

CVE-2022-30273

The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption mode, traffic is encrypted via the Tiny Encryption Algorithm TEA block-cipher in ECB mode. This mode of operation does n...

Fedora: Security Advisory for golang-github-gobwas-ws (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

WordPress Tiny Contact Form plugin跨站请求伪造漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress plugin is an application plugin. WordPress Tiny Contact Form plugin version 0.7 and earlier is vulnerable to cross-site request forgery, which stems from the plugin's failure to perform CSRF checks when...

CVE-2022-1846

The Tiny Contact Form WordPress plugin through 0.7 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2022-1846

The Tiny Contact Form WordPress plugin through 0.7 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2022-1846

The Tiny Contact Form WordPress plugin through 0.7 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

Cross site request forgery (csrf)

The Tiny Contact Form WordPress plugin through 0.7 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2022-1846 Tiny Contact Form <= 0.7 - Arbitrary Settings Update via CSRF

The Tiny Contact Form WordPress plugin through 0.7 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2022-1846

The CVE-2022-1846 entry concerns the Tiny Contact Form WordPress plugin (version up to 0.7) that lacks a CSRF check when updating settings, enabling a logged-in administrator to be coerced into changing settings via a CSRF attack. The connected documents consistently describe the vulnerability as...

WordPress plugin Tiny Contact Form 跨站请求伪造漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress plugin is an application plugin. WordPress Tiny Contact Form plugin version 0.7 and earlier is vulnerable to cross-site request forgery, which stems from the plugin's failure to perform CSRF checks when...

The vulnerability of the Motorola Data Link Communication protocol’s implementation lies in the use of the Tiny Encryption Algorithm (TEA) in the ECB mode. This allows a intruder to gain unauthorized access to the protected information.

The vulnerability of the Motorola Data Link Communication MDLC protocol lies in the use of the Tiny Encryption Algorithm TEA for block encryption in the ECB mode. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to protected information...

PT-2022-3092 · Motorola · Motorola Mdlc Protocol

Name of the Vulnerable Software and Affected Versions: Motorola MDLC protocol through 2022-05-02 Description: The issue is related to the Motorola MDLC protocol's handling of message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption...

MAL-2022-6583 Malicious code in tiny-range-binarysearch (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1758f192df4854a2d7a5d26e16947cada8a23b6fad83735982f1207b13752357 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in tiny-range-binarysearch (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1758f192df4854a2d7a5d26e16947cada8a23b6fad83735982f1207b13752357 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-124 Malicious code in @blackice12/tiny (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3dc3dc687a571af4ebe3ab1fae475b9aaec61edefaee2108ca8a98bad04948e0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...