Lucene search
K

165 matches found

OSV
OSV
added 2017/12/25 9:29 p.m.4 views

CVE-2017-13874

An issue was discovered in certain Apple products. iOS before 11.2 is affected. The issue involves the "Mail" component. It might allow remote attackers to bypass an intended encryption protection mechanism by leveraging incorrect S/MIME certificate selection...

7.5CVSS7.3AI score0.01036EPSS
Exploits0References3
CNVD
CNVD
added 2017/12/13 12:0 a.m.4 views

Joyent Node.js Authentication Bypass Vulnerability

Joyent Node.js is the United States Joyent company's set of web applications built on top of the Google V8 JavaScript engine platform. The platform is primarily used for building highly scalable applications and writing code that can handle tens of thousands of simultaneous connections to a singl...

9.1CVSS6.9AI score0.02385EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/25 12:0 a.m.4 views

Synology DiskStation Manager (DSM) Encryption Mechanism Bypass Vulnerability

Synology DiskStation Manager is an operating system for use on networked storage servers NAS. A security vulnerability in Synology DiskStation Manager SYNO.API.Encryption allows remote attackers to bypass the encryption protection mechanism by submitting a special 'version' parameter request...

7.5CVSS7.6AI score0.01427EPSS
Exploits0References1
OSV
OSV
added 2017/07/24 8:29 p.m.3 views

CVE-2017-9553

A design flaw in SYNO.API.Encryption in Synology DiskStation Manager DSM before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter...

7.5CVSS5.8AI score0.01427EPSS
Exploits0References2
Prion
Prion
added 2017/07/24 8:29 p.m.18 views

Design/Logic Flaw

A design flaw in SYNO.API.Encryption in Synology DiskStation Manager DSM before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter...

4.3CVSS7.2AI score0.01427EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/07/24 8:0 p.m.62 views

CVE-2017-9553

CVE-2017-9553 concerns a design flaw in Synology DiskStation Manager (DSM) SYNO.API.Encryption that, on DSM versions prior to 6.1.3-15152, allows remote attackers to bypass the encryption protection mechanism by sending a crafted version parameter. The issue affects DSM’s SYNO.API.Encryption comp...

7.5CVSS7.5AI score0.01427EPSS
Exploits0References2Affected Software1
The Hacker News
The Hacker News
added 2017/03/08 6:58 a.m.19 views

10 Things You Need To Know About 'Wikileaks CIA Leak'

Yesterday WikiLeaks published thousands of documents revealing top CIA hacking secrets, including the agency's ability to break into iPhones, Android phones, smart TVs, and Microsoft, Mac and Linux operating systems. It dubbed the first release as Vault 7. Vault 7 is just the first part of leak...

7AI score
Exploits0
OSV
OSV
added 2017/01/30 10:59 p.m.2 views

DEBIAN-CVE-2016-7798

The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism...

7.5CVSS6.8AI score0.03167EPSS
Exploits1References1
OSV
OSV
added 2017/01/30 12:0 a.m.4 views

UBUNTU-CVE-2016-7798

The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism...

7.5CVSS6.7AI score0.03167EPSS
Exploits1References5
ThreatPost
ThreatPost
added 2016/07/06 2:0 p.m.48 views

July 2016 Android Security Bulletin

The frail world of the Android ecosystem has taken some hits in the past week with the disclosure of a full disk encryption bypass vulnerability and the arrival of the HummingBad malware. The FDE bypass highlighted the need to keep Android patch levels current, but as Duo Labs statistics point ou...

10CVSS0.8AI score0.77906EPSS
Exploits1References5
OSV
OSV
added 2016/06/30 4:59 p.m.11 views

CVE-2016-2141

It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information...

9.8CVSS9.3AI score
Exploits0References25
BDU FSTEC
BDU FSTEC
added 2016/05/05 12:0 a.m.8 views

The vulnerability of the Junos operating system, which allows a hacker to bypass the cryptographic mechanisms used for encryption and authentication protection.

The vulnerability of the Junos operating system is related to errors in cryptographic transformations. Exploiting this vulnerability allows a malicious actor to bypass the cryptographic mechanisms used for encryption and authentication...

4.3CVSS6.2AI score0.00664EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2015/12/10 12:0 a.m.2 views

Cisco TelePresence Video Communication Server Information Disclosure Vulnerability

Cisco TelePresence is a Cisco TelePresence solution. Cisco TelePresence Video Communication Server VCS X8.6 uses the same key for different customer installations, which allows local users to bypass encryption protection mechanisms...

2.1CVSS6.6AI score0.00232EPSS
Exploits0References1
CNVD
CNVD
added 2015/10/15 12:0 a.m.5 views

Microsoft Windows Trusted Boot Security Feature Bypass Vulnerability

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the United States. kernel is one of the kernels. A security feature bypass vulnerability exists in Microsoft Windows. An attacker can exploit this vulnerability to disable code integrity checking, load signed...

7.2CVSS6.9AI score0.01672EPSS
Exploits2References1
ThreatPost
ThreatPost
added 2015/08/10 1:19 p.m.11 views

Researchers Unveil Square Reader Mobile POS Hacks

It wasn’t long ago when hacking a point-of-sale system meant deploying a RAM scraper at a retailer, sitting back and watching the credit card numbers roll in. Now that POS has gone mobile with vendors such as Square, Intuit, Revel and others using hardware fobs connected to smartphones and tablet...

0.5AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2013/06/27 4:34 p.m.7 views

python-keystoneclient: middleware memcache encryption and signing bypass

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass...

9.8CVSS5.8AI score0.01764EPSS
Exploits1References4
Prion
Prion
added 2012/08/06 4:55 p.m.16 views

Arbitrary file deletion

The "encrypt wallet" feature in wxBitcoin and bitcoind 0.4.x before 0.4.1, and 0.5.0rc, does not properly interact with the deletion functionality of BSDDB, which allows context-dependent attackers to obtain unencrypted private keys from Bitcoin wallet files by bypassing the BSDDB interface and...

4.3CVSS6.9AI score0.0163EPSS
Exploits0References4Affected Software2
The Hacker News
The Hacker News
added 2011/09/08 4:35 p.m.10 views

Offline Windows Analysis and Data Extraction (OWADE) - Forensics tool to expose all your online activity

Offline Windows Analysis and Data Extraction OWADE - Forensics tool to expose all your online activity Researchers "Elie Bursztein " from Stanford University in California have managed to bypass the encryption on a PC's hard drive to find out what websites a user has visited and whether they have...

7.2AI score
Exploits0
seebug.org
seebug.org
added 2010/02/12 12:0 a.m.32 views

DECT标准密码加密绕过漏洞

Bugraq ID: 38152 DECT是数字增强型无线通讯标准。 DECT标准密码DSC加密标准存在加密绕过问题,允许攻击者恢复密钥。 攻击者可以利用漏洞破解DSC加密算法,然后读取无线设备发送到基站的加密数据,允许攻击者获得敏感信息。 针对DECT标准密码的分析将在FSE2010会议上演讲。总的来说可以在PC上在几分钟内恢复DSC的密钥,但是需要几小时获取足够多的密钥流。 DECT Forum DECT 目前没有解决方案提供: http://www.dect.org/index.aspx...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2009/09/19 12:0 a.m.119 views

QNAP Systems Encryption Bypass

Title: Crypto backdoor in Qnap storage devices Date: 18 September 2009 URL: http://www.baseline-security.de/downloads/BSC-QnapCryptoBackdoor-CVE-2009-3200.txt Vendor: QNAP Systems Products verified: TS-239 Pro, TS-639 Pro Products unverified: SS-439 Pro, TS-439 Pro, TS-439U-SP/RP, TS-509 Pro,...

5.9CVSS0.2AI score0.00404EPSS
Exploits2
Rows per page
Query Builder