44 matches found
EUVD-2016-3544
Malware in sbrugna...
EUVD-2016-4853
Malware in sbrugna...
EUVD-2016-7612
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-3840
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Conscrypt in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-05 does not properly identify session reuse, which allows...
Linux Distros Unpatched Vulnerability : CVE-2016-6709
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in Conscrypt and BoringSSL in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a man-in-the-middle...
PT-2025-2845 · Undefined · Undefined
Уязвимость компонента Conscrypt операционной системы Android связана с раскрытием информации. Эксплуатация уязвимости может позволить нарушителю повысить свои привилегии...
CVE-2017-13309
In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2024-10581 · Conscrypt · Conscrypt
Name of the Vulnerable Software and Affected Versions: Conscrypt affected versions not specified Description: The issue is related to a possible plaintext leak due to improperly used crypto in the readEncryptedData function of ConscryptEngine.java. This could lead to local information disclosure...
CVE-2016-6709
An information disclosure vulnerability in Conscrypt and BoringSSL in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a man-in-the-middle attacker to gain access to sensitive information if a non-standard cipher suite is used by an application. This issue is rated as High...
CVE-2016-6709
An information disclosure vulnerability in Conscrypt and BoringSSL in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a man-in-the-middle attacker to gain access to sensitive information if a non-standard cipher suite is used by an application. This issue is rated as High...
UBUNTU-CVE-2016-6709
An information disclosure vulnerability in Conscrypt and BoringSSL in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a man-in-the-middle attacker to gain access to sensitive information if a non-standard cipher suite is used by an application. This issue is rated as High...
Information disclosure
An information disclosure vulnerability in Conscrypt and BoringSSL in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a man-in-the-middle attacker to gain access to sensitive information if a non-standard cipher suite is used by an application. This issue is rated as High...
CVE-2016-6709
An information disclosure vulnerability in Conscrypt and BoringSSL in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a man-in-the-middle attacker to gain access to sensitive information if a non-standard cipher suite is used by an application. This issue is rated as High...
CVE-2016-6709
An information disclosure vulnerability in Conscrypt and BoringSSL in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a man-in-the-middle attacker to gain access to sensitive information if a non-standard cipher suite is used by an application. This issue is rated as High...
CVE-2016-6709
CVE-2016-6709 describes an information disclosure vulnerability in Conscrypt and BoringSSL used by Android. The issue affects Android 6.x and 7.0 prior to 2016-11-01, where a MITM attacker could access sensitive data if a non-standard cipher suite is used by an application. The root cause is an i...
Google Android Conscrypt Information Disclosure Vulnerability
Android is a Linux-based open-source operating system developed by Google and the Open Handheld Alliance OHA, of which Concrypt is a component that uses OpenSSL to provide Java security. An information disclosure vulnerability exists in Concrypt in Android. An attacker could exploit this...
CVE-2016-3840
Conscrypt in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-05 does not properly identify session reuse, which allows remote attackers to execute arbitrary code via unspecified vectors, aka internal bug 28751153...
CVE-2016-3840
Conscrypt in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-05 does not properly identify session reuse, which allows remote attackers to execute arbitrary code via unspecified vectors, aka internal bug 28751153...
CVE-2016-3840
Conscrypt in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-05 does not properly identify session reuse, which allows remote attackers to execute arbitrary code via unspecified vectors, aka internal bug 28751153...
Design/Logic Flaw
Conscrypt in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-05 does not properly identify session reuse, which allows remote attackers to execute arbitrary code via unspecified vectors, aka internal bug 28751153...