35 matches found
CVE-2025-14317 User Enumeration in Crazy Bubble Tea mobile application
In the Crazy Bubble Tea mobile application, an authenticated attacker can obtain personal information about other users by enumerating the loyaltyGuestId parameter. The server does not verify the permissions required to obtain the data. This issue was fixed in version 915 Android and 7.4.1 iOS...
CVE-2019-14317
wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate biased DSA nonces. This allows a remote attacker to compute the long-term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces...
Linux Distros Unpatched Vulnerability : CVE-2017-14317
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. When shutting down a VM with a stubdomain, a race in...
CVE-2019-14317
creationtimestamp | type | source
---|---|---
2024-03-10 12:11:41+00:00 | seen | https://t.me/ctinow/204228...
SUSE: Security Advisory (SUSE-SU-2017:2611-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-14317
It was found that the issue for security flaw CVE-2019-3805 appeared again in a further version of JBoss Enterprise Application Platform - Continuous Delivery (EAP-CD), introducing a regression. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script ...
SUSE: Security Advisory (SUSE-SU-2017:2466-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2017:2420-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2017:2519-1)
The remote host is missing an update for the...
CVE-2020-14317
It was found that the issue for security flaw CVE-2019-3805 appeared again in another version of the JBoss Enterprise Application Platform - Continuous Delivery (EAP-CD), introducing a regression. This flaw allows an attacker to modify the PID file in /var/run/jboss-eap/ allowing the init.d script to...
CVE-2019-14317
Summary of the vulnerability (CVE-2019-14317): In wolfSSL/wolfCrypt up to version 4.1.0, DSA nonces are biased because dsa.c fixes two bits of the nonces. This bias makes it possible for a remote attacker to recover the long-term DSA private key after observing several hundred signatures, via a ...
CVE-2018-14317
Foxit Reader 9.1.0.5096 is affected by a PDF processing type-confusion vulnerability that enables remote code execution when a user opens a malicious page/file. Root cause is improper validation of user-supplied data during PDF handling, allowing an attacker to execute code in the current process...
Debian: Security Advisory (DLA-1132-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4050-1 : xen - security update
Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, information leaks, privilege escalation or the execution of arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...
[SECURITY] [DSA 4050-1] xen security update
Debian Security Advisory DSA-4050-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 28, 2017 https://www.debian.org/security/faq -...
OracleVM 3.4 : xen (OVMSA-2017-0157)
The remote OracleVM system is missing necessary patches to address critical security updates : - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=7590623eeb64d8a8f733c24eb80818f86eb870f0 - BUILDINFO: QEMU upstream...
Fedora Update for xen FEDORA-2017-f7fd3fe7eb
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : xen (SUSE-SU-2017:2611-1)
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-14316: Missing bound check in function alloc_heap_pages for an internal array allowed attackers using crafted hypercalls to execute arbitrary code within Xen (XSA-231, bsc1056278) - CVE-2017-14317: A race in...
Fedora 25 : xen (2017-f7fd3fe7eb)
xen: various flaws (1490884): Missing NUMA node parameter verification (XSA-231, CVE-2017-14316); Missing check for grant table (XSA-232, CVE-2017-14318); cxenstored: Race in domain cleanup (XSA-233, CVE-2017-14317); insufficient grant unmapping checks for x86 PV guests (XSA-234, CVE-2017-14319). Note that...
SUSE SLES12 Security Update : xen (SUSE-SU-2017:2541-1)
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information (XSA-226, bsc1051787). - CVE-2017-12137: Incorrectly-aligned updates...