13 matches found
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Overview Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator PRNG due to the use of a predictable algorithm for generating device lock and wipe PINs based solely on the current Unix timestamp. An attacker can gain unauthorized access to...
CVE-2025-55067
The TLS4B ATG system is vulnerable to improper handling of Unix time values that exceed the 2038 epoch rollover. When the system clock reaches January 19, 2038, it resets to December 13, 1901, causing authentication failures and disrupting core system functionalities such as login access, history...
CVE-2025-55067
The TLS4B ATG system is vulnerable to improper handling of Unix time values that exceed the 2038 epoch rollover. When the system clock reaches January 19, 2038, it resets to December 13, 1901, causing authentication failures and disrupting core system functionalities such as login access, history...
Veeder-Root TLS4B Automatic Tank Gauge System 输入验证错误漏洞
Veeder-Root TLS4B Automatic Tank Gauge System is a security management system for gas stations, tank farms, or industrial storage tanks from Veeder-Root USA. An input validation error vulnerability exists in the Veeder-Root TLS4B Automatic Tank Gauge System, which stems from improper handling of...
EUVD-2025-30196
Malicious code in bioql PyPI...
CVE-2025-55068
Dover Fueling Solutions ProGauge MagLink LX4 Devices fail to handle Unix time values beyond a certain point. An attacker can manually change the system time to exploit this limitation, potentially causing errors in authentication and leading to a denial-of-service condition...
CVE-2025-55068 Dover Fueling Solutions ProGauge MagLink LX4 Devices Integer Overflow or Wraparound
Dover Fueling Solutions ProGauge MagLink LX4 Devices fail to handle Unix time values beyond a certain point. An attacker can manually change the system time to exploit this limitation, potentially causing errors in authentication and leading to a denial-of-service condition...
CVE-2025-55068 Dover Fueling Solutions ProGauge MagLink LX4 Devices Integer Overflow or Wraparound
Dover Fueling Solutions ProGauge MagLink LX4 Devices fail to handle Unix time values beyond a certain point. An attacker can manually change the system time to exploit this limitation, potentially causing errors in authentication and leading to a denial-of-service condition...
CVE-2025-55068
CVE-2025-55068 affects Dover Fueling Solutions ProGauge MagLink LX4 Devices (and related MAGLINK LX products noted in connected sources). The vulnerability arises from the devices’ handling of Unix time values beyond a certain point, allowing a network-available attacker to manually adjust the sy...
PT-2025-38481
Name of the Vulnerable Software and Affected Versions Dover Fueling Solutions ProGauge MagLink LX4 Devices affected versions not specified Description ProGauge MagLink LX4 devices are susceptible to a time-based issue where they fail to correctly handle Unix time values exceeding a specific point...
SUSE CVE-2005-4352
The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value 19 Jan 2038, which then wraps around to the minimum value 13 Dec 190...
Cisco CallManager 4.2 / CUCM 4.2 - Logon Page 'lang' SQL Injection
source: https://www.securityfocus.com/bid/25480/info Cisco Unified CallManager and Unified Communications Manager are prone to multiple input-validation vulnerabilities because the applications fail to properly sanitize user-supplied input. These issues include a cross-site scripting vulnerabilit...
OneOrZero Helpdesk以不安全方式生成口令漏洞
OneOrZero Helpdesk是一个PHP/MySQL帮助桌面软件。 OneOrZero生成访问口令的方式上存在漏洞,攻击者可以利用此漏洞推测出自动生成的口令。 OneOrZero的forgot password函数会在回答完安全问题后重置口令,默认下这个口令为空。用户可以通过重置管理员口令并保持回答为空强制重置口令。但是,由于口令重置函数是基于用户名和服务器时间来设置口令的,因此可以通过服务器的时间来判断所设置的口令。 OneOrZero OneOrZero 1.6.0 - 1.6.4 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...