The sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an OTP. NOTE: this issue is potentially relevant to persons outside Yubico who operate a self-hosted OTP validation service with a non-default configuration such as an open sync pool; the issue does NOT affect YubiCloud.
Source link
[Bug 1812224] CVE-2020-10185 yubikey-val: allows remote attackers to replay an OTP
RELATED STORIES
Bug in Windows 10 manda in crash il disco con… un’icona! Gen 15, 2021 Marco...
# Exploit Title: PHP-Fusion CMS 9.03.90 - Cross-Site Request Forgery (Delete admin shoutbox message) #...
Version: 8. Neue Updates von SUSE aufgenommen; Version: 7. Neue Updates von SUSE aufgenommen; Version:...
Red Hat OpenShift Serverless Client kn 1.12.0 Red Hat Product Security has rated this update...
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
[+]Exploit title: Aplikasi E – S A K I P v1.1 Indonesian Goverment File Manager...
# Exploit Title: Life Insurance Management System 1.0 – Multiple Stored XSS
# Date: 4/1/2021
...
|漏洞详情 Foxit Reader和Foxit PhantomPDF都是中国福昕(Foxit)公司的一款PDF文档阅读器。 Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before...
You must be logged in to post a comment.