4 matches found
Cleartext Storage of Sensitive Information
Overview local-deep-research is an AI-powered research assistant with deep, iterative analysis using LLMs and web searches Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information in a local SQLite database. An attacker can access sensitive information,...
CVE-2014-125055
A vulnerability, which was classified as problematic, was found in agnivade easy-scrypt. Affected is the function VerifyPassphrase of the file scrypt.go. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitability is told to be difficult...
CVE-2020-15150
There is a vulnerability in Paginator Elixir/Hex package which makes it susceptible to Remote Code Execution RCE attacks via input parameters to the paginate function. This will potentially affect all current users of Paginator prior to version 1.0.0. The vulnerability has been patched in version...
PT-2022-11591 · Noise · Noise
Name of the Vulnerable Software and Affected Versions: github.com/flynn/noise versions prior to v1.0.0 Description: The Noise protocol implementation has weakened cryptographic security after encrypting 2^64 messages and is vulnerable to a potential denial of service attack. After 2^64 messages a...