Lucene search
K

24 matches found

OSV
OSV
added 2023/08/31 12:15 p.m.4 views

BELL-CVE-2020-0601 CVE-2020-0601 does not affect BellSoft software

Bulletin has no description...

8.1CVSS5.8AI score0.89436EPSS
Exploits14References1
OpenVAS
OpenVAS
added 2022/11/14 12:0 a.m.34 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-2731)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.3AI score0.89436EPSS
Exploits15References4
Tenable Nessus
Tenable Nessus
added 2022/11/14 12:0 a.m.48 views

EulerOS 2.0 SP9 : golang (EulerOS-SA-2022-2731)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A spoofing vulnerability exists in the way Windows CryptoAPI Crypt32.dll validates Elliptic Curve Cryptography ECC certificates.An attacker coul...

8.1CVSS7.3AI score0.89436EPSS
Exploits15References5
GithubExploit
GithubExploit
added 2020/02/03 1:58 p.m.82 views

Exploit for Improper Certificate Validation in Microsoft

CVE-2020-0601 PoC for CVE-2020-0601 – Windows CryptoAPI Cry...

8.1CVSS7AI score0.89436EPSS
Exploits14
Kaspersky
Kaspersky
added 2020/01/22 12:0 a.m.100 views

KLA11720 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in speech recognizer can be exploited to...

8.8CVSS9.9AI score0.89436EPSS
Exploits15References5
Trend Micro Simply Security
Trend Micro Simply Security
added 2020/01/17 5:40 p.m.117 views

Don’t Let the Vulnera-Bullies Win. Use our free tool to see if you are patched against Vulnerability CVE-2020-0601

So much for a quiet January! By now you must have heard about the new Microsoft® vulnerability CVE-2020-0601, first disclosed by the NSA making it the first Windows bug publicly attributed to the National Security Agency. This vulnerability is found in a cryptographic component that has a range o...

5.8CVSS8.8AI score0.89436EPSS
Exploits14
Talos Blog
Talos Blog
added 2020/01/17 10:14 a.m.173 views

Microsoft Patch Tuesday — Jan. 2020: Vulnerability disclosures and Snort coverage

By Jon Munshaw. Updated January 15th: Added an Advanced Custom Detection ACD signature for AMP that can be used to detect exploitation of CVE-2020-0601 by spoofing certificates masquerading as a Microsoft ECC Code Signing Certificate Authority. Microsoft released its monthly security update today...

10CVSS0.7AI score0.99193EPSS
Exploits33
Vivaldi Security Advisories
Vivaldi Security Advisories
added 2020/01/17 8:52 a.m.12 views

Minor update (3) for Vivaldi 2.10

Download Vivaldi The following change was made since the second 2.10 update: Upgraded Chromium to 79.0.3945.131 Main photo byJessica Henderson. One of the changes is a mitigation for the widely discussed Windows ECC certificate validation vulnerabilityCVE-2020-0601. However, we strongly recommend...

8.1CVSS7.3AI score0.89436EPSS
Exploits14References1
OpenVAS
OpenVAS
added 2020/01/17 12:0 a.m.57 views

Google Chrome Security Update (stable-channel-update-for-desktop_16-2020-01) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.6AI score0.89436EPSS
Exploits15References3
ThreatPost
ThreatPost
added 2020/01/16 4:5 p.m.180 views

PoC Exploits Published For Microsoft Crypto Bug

Two proof-of-concept PoC exploits have been publicly released for the recently-patched crypto-spoofing vulnerability found by the National Security Agency and reported to Microsoft. The vulnerability CVE-2020-0601 could enable an attacker to spoof a code-signing certificate necessary for validati...

5.8CVSS0.6AI score0.89436EPSS
Exploits15References18
CheckPoint Security
CheckPoint Security
added 2020/01/16 12:0 a.m.39 views

Check Point Response to CVE-2020-0601 - CryptoAPI Spoofing Vulnerability

Symptoms - On January 14, 2020, Microsoft published the following: A spoofing vulnerability exists in the way Windows CryptoAPI Crypt32.dll validates Elliptic Curve Cryptography ECC certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a...

8.1CVSS6.9AI score0.89436EPSS
Exploits14
Kaspersky
Kaspersky
added 2020/01/16 12:0 a.m.232 views

KLA11647 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability in speech recognizer can be...

8.8CVSS9.6AI score0.89436EPSS
Exploits15References4
Krebs on Security
Krebs on Security
added 2020/01/15 2:31 a.m.124 views

Patch Tuesday, January 2020 Edition

Microsoft today released updates to plug 50 security holes in various flavors of Windows and related software. The patch batch includes a fix for a flaw in Windows 10 and server equivalents of this operating system that prompted an unprecedented public warning from the U.S. National Security...

5.8CVSS0.3AI score0.89436EPSS
Exploits14
GithubExploit
GithubExploit
added 2020/01/15 12:1 a.m.81 views

Exploit for Improper Certificate Validation in Microsoft

It is an offensive tool for network detection, specifically a Ze...

8.1CVSS8.4AI score0.89436EPSS
Exploits14
OpenVAS
OpenVAS
added 2020/01/15 12:0 a.m.79 views

Microsoft Windows Multiple Vulnerabilities (KB4534273)

This host is missing a critical security update according to Microsoft KB4534273 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.1AI score0.89436EPSS
Exploits28References3
CVE
CVE
added 2020/01/14 11:11 p.m.1363 views

CVE-2020-0601

The CVE-2020-0601 issue affects Windows CryptoAPI (Crypt32.dll) and its ECC certificate validation, enabling a spoofing attack where a forged code-signing certificate could make malware appear trusted. Affected platforms include Windows 10 and Windows Server 2016/2019, with the vulnerability tied...

8.1CVSS7.6AI score0.89436EPSS
In wildExploits14References4Affected Software12
The Hacker News
The Hacker News
added 2020/01/14 6:40 p.m.867 views

Update Windows 10 Immediately to Patch a Flaw Discovered by the NSA

After Adobe today releases its first Patch Tuesday updates for 2020, Microsoft has now also published its January security advisories warning billions of users of 49 new vulnerabilities in its various products. What's so special about the latest Patch Tuesday is that one of the updates fixes a...

10CVSS0.5AI score0.89436EPSS
Exploits23
Information Security Automation
Information Security Automation
added 2020/01/14 6:2 p.m.160 views

Big Microsoft day: EOL for Win7, Win2008 and crypt32.dll

Big Microsoft day. End-of-life for Windows 7 desktops and Windows 2008 servers strictly speaking Windows Server 2008 R2. I think that today many security guys had a fun task to count how many host hosts with win7 and win2008 they still have in the organization. So, Asset Management is a necessity...

10CVSS0.2AI score0.89436EPSS
Exploits23
MSRC
MSRC
added 2020/01/14 6:1 p.m.294 views

January 2020 Security Updates: CVE-2020-0601

The January security updates include several Important and Critical security updates. As always, we recommend that customers update their systems as quickly as practical. Details for the full set of updates released today can be found in the Security Update Guide. We believe in Coordinated...

5.8CVSS1.2AI score0.89436EPSS
Exploits14
MSRC
MSRC
added 2020/01/14 8:0 a.m.29 views

January 2020 Security Updates: CVE-2020-0601

The January security updates include several Important and Critical security updates. As always, we recommend that customers update their systems as quickly as practical. Details for the full set of updates released today can be found in the Security Update Guide. We believe in Coordinated...

8.1CVSS7AI score0.89436EPSS
Exploits14
Rows per page
Query Builder