5771 matches found
EFF: Fifth Amendment Protects Against Compelled Decryption
With new leaks about the extent of U.S. government surveillance coming almost daily, one constant remains among all the deterrents to the NSA’s prying eyes: encryption technology works. As far as we know, the math behind encryption is solid, despite the specter of some unnamed breakthrough made b...
Mozilla nss uninitialized memory dereference
Uninitialized memory dereference on decryption...
Mandriva Linux Security Advisory : nss (MDVSA-2013:257)
A vulnerability has been discovered and corrected in mozilla NSS : Mozilla Network Security Services NSS before 3.15.2 does not ensure that data structures are initialized before read operations, which allow remote attackers to cause a denial of service or possibly have unspecified other impact v...
CVE-2013-1739
Mozilla Network Security Services NSS before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure...
DEBIAN-CVE-2013-1739
Mozilla Network Security Services NSS before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure...
Design/Logic Flaw
Mozilla Network Security Services NSS before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure...
CVE-2013-1739
Mozilla Network Security Services NSS before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure...
CVE-2013-1739
Mozilla Network Security Services NSS before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure...
CVE-2013-1739
Mozilla Network Security Services NSS before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure...
Vulnerability in WhatsApp allows decrypting user messages
A serious vulnerability in WhatsApp allows anyone who is able to eavesdrop on WhatsApp connection to decrypt users' messages. Whatsapp, the mobile application for instant messaging platform has become one of the main communication tools of the present day and its popularity makes it attractive fo...
Vulnerability in WhatsApp allows decrypting user messages
A serious vulnerability in WhatsApp allows anyone who is able to eavesdrop on WhatsApp connection to decrypt users' messages. Whatsapp, the mobile application for instant messaging platform has become one of the main communication tools of the present day and its popularity makes it attractive fo...
Symantec Management Platform Agent Static Service Key
SUMMARY The Symantec Management Platform agent and task agent installs a registry service key that is used to retrieve software packages from package servers. The registry key is locally accessible and can potentially be extracted and decrypted by an authorized local user using a static key commo...
ESPCMS SQL 盲注漏洞
易思ESPCMS企业网站管理系统基于LAMP开发构建的企业网站管理系统,它具有操作简单、功能强大、稳定性好、扩展性及安全性强 漏洞不受gpc影响,首先获取cookie,通过特定程序逆向出解密的密钥,加密攻击字符窜,通过返回的页面判断真假 0 ESPCMS 厂商补丁: ESPCMS ------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.ecisp.cn...
[JBrute v0.9.4] Open Source Security tool to audit hashed passwords
JBrute is an open source tool written in Java to audit security and stronghold of stored password for several open source and commercial apps. It is focused to provide multi-platform support and flexible parameters to cover most of the possible password-auditing scenarios. Java Runtime version 1....
FBI compromised Tor hidden service to bust largest Child Pornography Ring
A few days before the servers of the largest provider of Ultra Anonymous hosting were found to be serving custom malware designed to identify visitors who were using the Tor service to hide their identity online. The javascript code exploited a security vulnerability in the open-source version of...
Shopex ctl. passport. php file to an SQL injection vulnerability analysis report-vulnerability warning-the black bar safety net
This vulnerability has been announced in the company to do vulnerability analysis, just share the document. Vulnerability is the author of the blue The exploitability of the vulnerability please see: http://www.cnseay.com/3339/ Part of the code the zend encryption, analysis is required before...
Multi Gather Firefox Signon Credential Collection
This module will collect credentials from the Firefox web browser if it is installed on the targeted machine. Additionally, cookies are downloaded. Which could potentially yield valid web sessions. Firefox stores passwords within the signons.sqlite database file. There is also a keys3.db file whi...
Design/Logic Flaw
The InitMethodAndPassword function in InfraStack/OSAgnostic/WiMax/Agents/Supplicant/Source/SupplicantAgent.c in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses the same RSA private key in supplicantkey.pem on all systems, which allows local user...
CVE-2013-0943
EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin...
Design/Logic Flaw
EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin...