Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2022/05/25 7:34 p.m.31 views

Missing Cryptographic Step in cassproject

Impact CaSS Library, npm:cassproject has a missing cryptographic step when storing cryptographic keys that can allow a server administrator access to an account’s cryptographic keys. This affects CaSS servers using standalone username/password authentication, which uses a method that expects e2e...

7.2CVSS6.8AI score0.0032EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/05/25 7:34 p.m.26 views

GHSA-7QCX-4P32-QCMX Missing Cryptographic Step in cassproject

Impact CaSS Library, npm:cassproject has a missing cryptographic step when storing cryptographic keys that can allow a server administrator access to an account’s cryptographic keys. This affects CaSS servers using standalone username/password authentication, which uses a method that expects e2e...

6.3CVSS6.6AI score0.0032EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2016/08/04 6:14 p.m.15 views

Lack of Encryption Leads to Large Scale Cookie Exposure

LAS VEGAS—There’s been an abundance of attacks against crypto over the last few years but a much simpler, scarier threat, cookie hijacking, remains significantly overlooked in the eyes of researchers. Two academics, Suphannee Sivakorn, a PhD student at Columbia University, and Jason Polakis, an...

7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2016/03/03 11:21 a.m.8 views

Weak Bank Password Policies Leave 350 Million Vulnerable, Say Researchers

Should passwords that protect your financial data be less secure than the ones used to lock up selfies, cat videos and tweets swapped on social networks? In a study that looked at the password strength required to access website account for Wells Fargo, Capital One and 15 other banks, researchers...

7.5AI score
Exploits0References2
seebug.org
seebug.org
added 2007/05/05 12:0 a.m.40 views

MSN Passport accounts remote DoS code

No description provided by source. !/usr/bin/perl by: Simo aka 6mOHaCk 1 december 2005 MorX security research team www.morx.org Details: it seems that msn passport users using services such hotmail email and msn messenger and more ...

7.1AI score
Exploits0
Rows per page
Query Builder