ReportizFlow
Filtered by vendor
Subscriptions
Total
609 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-36885 | 2 Jenkins, Redhat | 2 Github, Openshift | 2024-11-21 | 5.3 Medium |
| Jenkins GitHub Plugin 1.34.4 and earlier uses a non-constant time comparison function when checking whether the provided and computed webhook signatures are equal, allowing attackers to use statistical methods to obtain a valid webhook signature. | ||||
| CVE-2022-36105 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 5.3 Medium |
| TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that observing response time during user authentication (backend and frontend) can be used to distinguish between existing and non-existing user accounts. Extension authors of 3rd party TYPO3 extensions providing a custom authentication service should check if the extension is affected by the described problem. Affected extensions must implement new `MimicServiceInterface::mimicAuthUser`, which simulates corresponding times regular processing would usually take. Update to TYPO3 version 7.6.58 ELTS, 8.7.48 ELTS, 9.5.37 ELTS, 10.4.32 or 11.5.16 that fix this problem. There are no known workarounds for this issue. | ||||
| CVE-2022-35888 | 1 Amperecomputing | 6 Ampere Altra, Ampere Altra Firmware, Ampere Altra Max and 3 more | 2024-11-21 | 6.5 Medium |
| Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret information from the CPU by correlating the power consumption with data being processed on the system. | ||||
| CVE-2022-34704 | 1 Microsoft | 13 Windows 10, Windows 10 1507, Windows 10 1607 and 10 more | 2024-11-21 | 4.7 Medium |
| Windows Defender Credential Guard Information Disclosure Vulnerability | ||||
| CVE-2022-34174 | 2 Jenkins, Redhat | 2 Jenkins, Openshift | 2024-11-21 | 7.5 High |
| In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm. | ||||
| CVE-2022-32425 | 1 Mealie | 1 Mealie | 2024-11-21 | 5.3 Medium |
| The login function of Mealie v1.0.0beta-2 allows attackers to enumerate existing usernames by timing the server's response time. | ||||
| CVE-2022-32273 | 1 Opswat | 1 Metadefender | 2024-11-21 | 4.3 Medium |
| As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core (MDCore) before 5.1.2 could allow an authenticated user to enumerate filenames on the server. | ||||
| CVE-2022-32218 | 1 Rocket.chat | 1 Rocket.chat | 2024-11-21 | 4.3 Medium |
| An information disclosure vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 due to the actionLinkHandler method was found to allow Message ID Enumeration with Regex MongoDB queries. | ||||
| CVE-2022-31142 | 1 Fastify | 1 Bearer-auth | 2024-11-21 | 7.5 High |
| @fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth. | ||||
| CVE-2022-30332 | 1 Talend | 1 Administration Center | 2024-11-21 | 5.3 Medium |
| In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature provides different error messages for invalid reset attempts depending on whether the email address is associated with any account. This allows remote attackers to enumerate accounts via a series of requests. | ||||
| CVE-2022-2891 | 1 Wpwhitesecurity | 1 Wp 2fa | 2024-11-21 | 5.9 Medium |
| The WP 2FA WordPress plugin before 2.3.0 uses comparison operators that don't mitigate time-based attacks, which could be abused to leak information about the authentication codes being compared. | ||||
| CVE-2022-2612 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 6.5 Medium |
| Side-channel information leakage in Keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. | ||||
| CVE-2022-29185 | 1 Totp-rs Project | 1 Totp-rs | 2024-11-21 | 4.2 Medium |
| totp-rs is a Rust library that permits the creation of 2FA authentification tokens per time-based one-time password (TOTP). Prior to version 1.1.0, token comparison was not constant time, and could theorically be used to guess value of an TOTP token, and thus reuse it in the same time window. The attacker would have to know the password beforehand nonetheless. Starting with patched version 1.1.0, the library uses constant-time comparison. There are currently no known workarounds. | ||||
| CVE-2022-27814 | 1 Waycrate | 1 Swhkd | 2024-11-21 | 3.3 Low |
| SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option. | ||||
| CVE-2022-27221 | 1 Siemens | 1 Sinema Remote Connect Server | 2024-11-21 | 5.9 Medium |
| A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An attacker in machine-in-the-middle could obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack. | ||||
| CVE-2022-26382 | 1 Mozilla | 1 Firefox | 2024-11-21 | 4.3 Medium |
| While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox < 98. | ||||
| CVE-2022-25332 | 1 Ti | 2 Omap L138, Omap L138 Firmware | 2024-11-21 | 4.4 Medium |
| The AES implementation in the Texas Instruments OMAP L138 (secure variants), present in mask ROM, suffers from a timing side channel which can be exploited by an adversary with non-secure supervisor privileges by managing cache contents and collecting timing information for different ciphertext inputs. Using this side channel, the SK_LOAD secure kernel routine can be used to recover the Customer Encryption Key (CEK). | ||||
| CVE-2022-24912 | 1 Runatlantis | 1 Atlantis | 2024-11-21 | 7.5 High |
| The package github.com/runatlantis/atlantis/server/controllers/events before 0.19.7 are vulnerable to Timing Attack in the webhook event validator code, which does not use a constant-time comparison function to validate the webhook secret. It can allow an attacker to recover this secret as an attacker and then forge webhook events. | ||||
| CVE-2022-24784 | 1 Statamic | 1 Statamic | 2024-11-21 | 3.7 Low |
| Statamic is a Laravel and Git powered CMS. Before versions 3.2.39 and 3.3.2, it is possible to confirm a single character of a user's password hash using a specially crafted regular expression filter in the users endpoint of the REST API. Multiple such requests can eventually uncover the entire hash. The hash is not present in the response, however the presence or absence of a result confirms if the character is in the right position. The API has throttling enabled by default, making this a time intensive task. Both the REST API and the users endpoint need to be enabled, as they are disabled by default. The issue has been fixed in versions 3.2.39 and above, and 3.3.2 and above. | ||||
| CVE-2022-24436 | 1 Intel | 1 * | 2024-11-21 | 6.5 Medium |
| Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access. | ||||