Lucene search
+L

345 matches found

FireEye
FireEye
added 2017/01/09 4:0 p.m.19 views

Credit Card Data and Other Information Targeted in Netflix Phishing Campaign

Introduction Through FireEye’s Email Threat Prevention ETP solution, FireEye Labs discovered a phishing campaign in the wild targeting the credit card data and other personal information of Netflix users primarily based in the United States. This campaign is interesting because of the evasion...

6.6AI score
Exploits0References3
FireEye
FireEye
added 2017/01/09 11:0 a.m.48 views

Credit Card Data and Other Information Targeted in Netflix Phishing Campaign

Introduction Through FireEye’s Email Threat Prevention ETP solution, FireEye Labs discovered a phishing campaign in the wild targeting the credit card data and other personal information of Netflix users primarily based in the United States. This campaign is interesting because of the evasion...

6.9AI score
Exploits0
FireEye
FireEye
added 2017/01/09 11:0 a.m.32 views

Credit Card Data and Other Information Targeted in Netflix Phishing Campaign

Introduction Through FireEye’s Email Threat Prevention ETP solution, FireEye Labs discovered a phishing campaign in the wild targeting the credit card data and other personal information of Netflix users primarily based in the United States. This campaign is interesting because of the evasion...

6.6AI score
Exploits0
OSV
OSV
added 2016/12/15 6:59 a.m.7 views

CVE-2016-4028

An issue was discovered in Open-Xchange OX Guard before 2.4.0-rev8. OX Guard uses an authentication token to identify and transfer guest users' credentials. The OX Guard API acts as a padding oracle by responding with different error codes depending on whether the provided token matches the...

7.5CVSS5.8AI score0.00709EPSS
Exploits1References2
OSV
OSV
added 2016/12/13 4:59 p.m.8 views

CVE-2016-7440

The C software implementation of AES Encryption and Decryption in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences...

5.5CVSS5.2AI score
Exploits0References6
Prion
Prion
added 2016/12/13 4:59 p.m.31 views

Design/Logic Flaw

The C software implementation of AES Encryption and Decryption in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences...

2.1CVSS6.5AI score0.00304EPSS
Exploits0References6Affected Software4
Cvelist
Cvelist
added 2016/12/13 4:0 p.m.61 views

CVE-2016-7440

The C software implementation of AES Encryption and Decryption in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences...

5.5AI score0.00304EPSS
Exploits0References6
CVE
CVE
added 2016/12/13 4:0 p.m.149 views

CVE-2016-7440

The CVE-2016-7440 issue affects the wolfSSL (formerly CyaSSL) C library’s AES Encryption/Decryption implementation prior to 3.9.10. The vulnerability enables local users to potentially discover AES keys by exploiting cache-bank timing differences during AES operations. The available connected doc...

5.5CVSS5.4AI score0.00304EPSS
Exploits0References6Affected Software1
MariaDBUnix
MariaDBUnix
added 2016/12/13 4:0 p.m.31 views

CVE-2016-7440

Disclaimer: This data contains information about vulnerable...

5.5CVSS6.6AI score0.00304EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/12/05 12:0 a.m.93 views

MariaDB 10.1.0 < 10.1.19 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.1.19. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.1.19 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client mysqldump. Supported versions that are affected...

6.6CVSS6.8AI score0.0264EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2016/10/19 9:47 a.m.32 views

CVE-2016-7440

The C software implementation of AES Encryption and Decryption in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences...

5.5CVSS1.9AI score0.00304EPSS
Exploits0References2
OSV
OSV
added 2016/10/19 12:0 a.m.3 views

UBUNTU-CVE-2016-7440

The C software implementation of AES Encryption and Decryption in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences...

5.5CVSS6.8AI score0.00304EPSS
Exploits0References4
0day.today
0day.today
added 2016/10/11 12:0 a.m.51 views

Wireless Keyboard Set LX901 GK900 Replay Attack

Exploit for multiple platform in category local exploits Product: Wireless Keyboard Set LX901 Manufacturer: Fujitsu Affected Versions: Model No. GK900 Tested Versions: Model No. GK900 Vulnerability Type: Cryptographic Issues CWE-310 Missing Protection against Replay Attacks Risk Level: Medium...

6.9AI score
Exploits0
Kitploit
Kitploit
added 2016/09/20 9:42 p.m.24 views

MorphAES - IDPS & SandBox & AntiVirus STEALTH KILLER

MorphAES is the world's first polymorphic shellcode/malware engine, with metamorphic properties and capability to bypass sandboxes, which makes it undetectable for an IDPS, it's cross-platform as well and library-independent. Properties: Polymorphism AES encryption Metamorphism logic and constant...

7.8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2016/06/22 12:0 a.m.33 views

Microsoft Windows PDF Library AES Encryption Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows PDF Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

4.3CVSS2.8AI score0.33337EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2016/06/07 12:0 a.m.171 views

CVE-2016-4437

Apache Shiro before 1.2.5, when a cipher key has not been configured for the “remember me” feature, allows remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter. Recent assessments: sv3nbeast at April 17, 2020 12:15pm UTC reported: ...

9.8CVSS9.2AI score0.92988EPSS
In wildExploits9References8
ThreatPost
ThreatPost
added 2016/05/13 11:7 a.m.12 views

Petya Ransomware Installs Mischa As Failsafe

The Petya ransomware strain signaled a new escalation for crypto-malware when it surfaced in March. For the first time, ransomware went beyond encrypting files on local and shared drives and instead set its sights on locking up the Master File Table on compromised machines. Petya did have its...

0.3AI score
Exploits0References4
myhack58
myhack58
added 2016/01/03 12:0 a.m.28 views

Windows 2008 GPP exploit-vulnerability warning-the black bar safety net

The test environment Windows 7 ordinary members of the domain Windows 2008 domain controller The first deployment of the GPP, here my deployment strategy is to the domain members are added to a test user, the password is test123 ! Add a local user ! Then came the Group Policy Management ! Will th...

1.2AI score
Exploits0
NVD
NVD
added 2015/12/27 3:59 a.m.18 views

CVE-2015-8253

The Frontel protocol before 3 on RSI Video Technologies Videofied devices sets up AES encryption but sends all traffic in cleartext, which allows remote attackers to obtain sensitive 1 message or 2 MJPEG video data by sniffing the network...

4.3CVSS4.3AI score0.00651EPSS
Exploits1References2
Prion
Prion
added 2015/12/27 3:59 a.m.15 views

Code injection

The Frontel protocol before 3 on RSI Video Technologies Videofied devices sets up AES encryption but sends all traffic in cleartext, which allows remote attackers to obtain sensitive 1 message or 2 MJPEG video data by sniffing the network...

4.3CVSS7.1AI score0.00651EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder